A new flaw found in 64-bit versions of Windows 7 and Windows Server 2008 R2 could leave users vulnerable to malware attacks, Microsoft has warned.
The vulnerability in the Windows Canonical Display Driver, which is used to bring together Windows Graphics Device Interface (GDI) and DirectX drawing, could allow malware to infiltrate systems, causing them to stop responding and restart.
Microsoft has played down the bug, though, claiming it is very difficult to trigger.
Jerry Bryant, group manager of Response Communications at Microsoft's Security Response Centre (MSRC), wrote on his blog: 'Code execution, while possible in theory, would be very difficult due to memory randomisation both in kernel memory and via Address Space Layout Randomisation (ASLR).'