Microsoft today warned users of a vulnerability in the 64-bit versions of Wndows 7 and Windows Server 2008 R2 that could be used to hijack systems.
The bug is in Windows' Canonical Display Driver, which blends the operating system's primary graphics interface, dubbed Graphics Device Interface (GDI), and DirectX to compose the desktop. According to Jerry Bryant, a group manager with the Microsoft Security Response Center (MSRC), the vulnerability affects any machine with the flashy "Aero" interface, which is the default on all but the least-expensive editions of Windows 7. Aero is an optional install on Windows Server 2008 R2.