Microsoft has put security administrators on alert about a fresh vulnerability in the company’s Windows Graphics Rendering Engine that could lead to the takeover of a user’s computer upon opening a malicious image.
Microsoft says it is working on a formal patch for the problem, though it does not plan to issue the fix ahead of its next regular monthly Patch Tuesday release, scheduled for next week. eSecurity Planet takes a look at the Windows Graphics Rendering Engine vulnerability.
Microsoft warned security professionals and users on Tuesday of a newly-found zero-day vulnerability in the Windows Graphics Rendering Engine in several versions of Windows.
Microsoft’s (NASDAQ: MSFT) security team decided that the bug is serious enough for the company to announce it is working on a formal patch to the problem, but not so dangerous that the company feels it’s necessary to release the patch “out of cycle” — outside of its regular monthly patch distribution cycle, according to a Microsoft spokesperson.