Microsoft describe the investigation of a publicly reported vulnerability in Windows Canonical Display Driver (cdd.dll). “We’re not aware of any current customer impact as a result of the issue. CDD is used by desktop composition to blend Windows Graphics Device Interface (GDI) and DirectX drawing. Vulnerability affects x64 -Windows 7, Windows Server 2008 R2, and Windows Server 2008 R2 for Itanium systems. If exploited, it would likely cause affected system to stop responding and restart. Code execution, while possible in theory, would be very difficult due to memory randomization both in kernel memory and via Address Space Layout Randomization (ASLR). Additionally, this vulnerability only affects Windows systems if they’ve Aero theme installed; Aero isn’t switched on by default in Windows Server 2008 R2, nor does 2008 R2 include Aero-capable graphics drivers by default.With that in mind, we’re giving this vulnerability a preliminary Exploitability Index rating of 3, meaning we’ve deduced so far that reliable exploit code is unlikely,” explains Microsoft.
We’re currently developing a security update for Windows that’ll address vulnerability. In the meantime, disable Windows Aero as a workaround to protect against potential threats. With Aero disabled, the path by which cdd.dll can be exploited is bypassed.
Refer: Security Advisory 2028859