New Remotely Exploitable Vulnerability Found in 64-bit Win7
An independent researcher has discovered a remotely exploitable vulnerability in Windows 7 that's linked to Apple's Safari browser.
Threat Post, a Kaspersky Lab security news service, reports that researchers are now warning about a new remotely exploitable vulnerability discovered in the 64-bit version of Windows 7. This vulnerability can be used by an attacker to run arbitrary code with kernel-mode privileges on a vulnerable machine.
The problem was first reported days ago by an independent researcher via Twitter, but has since been confirmed by Secunia. He claimed to have discovered a method for exploiting the vulnerability by simply feeding an iframe with an overly large height to Safari.
"A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user's system," reads the Secunia warning. "The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page containing an IFRAME with an overly large "height" attribute viewed using the Apple Safari browser."
"The vulnerability is confirmed on a fully patched Windows 7 Professional 64-bit," the warning adds. "Other versions may also be affected."
After the exploit was reported, Microsoft didn't confirm the problem, but merely stated that it was investigating the evidence. "We are currently examining the issue and will take appropriate action to help ensure the customers are protected," said Jerry Bryant, group manager of response communications in Microsoft's Trustworhty Computing Group.
As indicated, the only known attack vector for this specific vulnerability is through the use of Apple's Safari browser on Windows 7. As of November 2011, the Safari browser commanded only 5.92-percent of the browser market, so there doesn't seem to be a potential widespread problem. So far there's no indication that the three most popular browsers -- Internet Explorer (40.63-percent), Chrome (25.69-percent) and Firefox (25.23-percent) -- share a similar vulnerability when used in Windows 7.
Who the hell uses Safari on Windows?
Who the hell uses Safari on Windows?
Other browsers or programs that call this function might be vulnerable, too.
Not that many, apparently. I installed it once just to see it, but have since then have had to reformat my computer due to a black screen, which I'm sure is unrelated, considering I never launched Safari since I'd installed and looked at it.
I reported the virus to microsoft. And it was one they never sae yet.
So I say, safari has their proplems. Also upgrading to the latest version of safari, bricks your itunes/safari, so it can't access the internet. THe new safari uses multiple threads to download from the internet and render pages, well that engine has bugs and wont work on all computers, so I had to downgrade my safari.
I am just thankful for execution disable bit.
Straight! Hate servicing Windows machines with Apple software installed - a ton of junk in the Startup that has to be disabled... "NO, don't touch this, this is APPLE, this is for my iPod!!!" - if you're dumb enough to install all that bloatware for your iPod, at least make sure that it doesn't spawn 10 more things to slow down your system like it normally does.
In the interest of playing devils advocate, based solely on the article (specifically this line: ""The vulnerability is confirmed on a fully patched Windows 7 Professional 64-bit. Other versions may also be affected.") I'd say they simply haven't tested for it on other browsers/versions of Windows. While that doesn't mean other browsers ARE affected, it also doesn't mean they AREN'T.
We'll have to wait and see what these researchers find.
Also, I laughed inside when Kevin made a point to say "independent" researchers. There's almost no such thing anymore.
"New Remotely Exploitable Vulnerability Found in 64-bit Win7"
Shouldn't a more responsible title be "Apple's Safari Browser creates New Remotely Exploitable Vulnerability when used on 64-bit Win7"
Trying to blame MS for an Apple created issue, pretty weak writing.
The vulnerability is actually in a function that's part of Windows.
If Safari can call that function and execute arbitrary code, then so can other programs.
The vulnerability is there and crafty hackers will find ways to exploit it if Microsoft gives them enough time.