Secunia has reported that an unpatched security vulnerability in the 64-bit version of Windows 7 may be able to be exploited to inject and execute malicious code; currently, the only known exploit causes the system to crash.
It is possible to trigger a memory error in the system file win32k.sys by accessing a crafted HTML file in Safari. webDEViL, who discovered the vulnerability, has published a proof of concept on Twitter. His demo simply consists of an IFrame with a specific height which when displayed in Safari results in a blue screen of death.
Read more at H-online
Uncategorized December 21st 2011