Why piggyback riding on a third party driver

Nov 6, 2007 08:00 GMT  ·  By

What is the fastest way to Windows' heart? Well, take your pick. The Windows operating system is hardly bulletproof, even though Microsoft has the largest degree of control over the end result of its own development process. But on top of the operating system and the native components that ship by default with the product, additional items that intermingle with the platform's fabric sit outside the Redmond company's sphere of influence.

In this respect, in the usual trade-off between a high level of security and extended functionality, Windows ships with a range of third-party components designed ultimately to improve software and hardware compatibility and support. Windows XP, for example, shipped with some 10,000 drivers back in 2001. Six years later, Windows Vista included approximately 20,000 drivers at its consumer launch in January. That's right, one of the fastest ways to Windows' core is piggyback riding on a faulty third-party driver.

Case in point: a vulnerability in the Macrovision SECDRV.SYS driver impacting Windows XP and Windows Server 2003 that could allow for elevation of privileges in the event of a successful attack. "Microsoft is working with Macrovision, investigating new public reports of a vulnerability in the Macrovision secdrv.sys driver on supported editions of Windows Server 2003 and Windows XP. This vulnerability does not affect Windows Vista. We are aware of limited attacks that try to use the reported vulnerability. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary", Microsoft revealed via a security advisory.

According to the Redmond company, Windows Vista is not affected by the vulnerability residing in the Macrovision SECDRV.SYS driver. Microsoft did not confirm whether Vista's added mitigation, mandatory driver signing, has anything to do with the issue. The vulnerability is actively exploited in the wild, but Macrovision has a patch in place addressing the issue.

"Microsoft is concerned that this new report of a vulnerability in the Macrovision secdrv.sys driver on supported editions of Windows Server 2003 and Windows XP was publicly disclosed, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities", Microsoft added.