updated 08:30 pm EST, Tue December 20, 2011
Gives attacker ability to run arbitrary code
Microsoft is said to be looking into a new vulnerability in the 64-bit version of Windows 7 that can be exploited through Apple's Safari web browser for Windows, according to a report on Threat Post. The flaw, reported a few days ago by an independent researcher on Twitter and confirmed by Secunia, would allow an attacker to run arbitrary code on victimized machines.
In the original message, the hacker (known as w3bd3vil) says feeding an iframe with a excessively large height property in Safari causes a Blue Screen of Death (BSOD). Further exploitation of the flaw could also execution of arbitrary code with kernel-mode privileges. In a later tweet, he clarified that it was the NtGdiDrawStream which is being called multiple times that is causing the crash in Windows 7.
Until Microsoft is able to correct the issue, the relative obscurity of Safari on Windows is the only protection against the attack. While Safari has an overall (approximately) ten percent share of the browser market, the vast majority of that figure comes from Mac users, where Safari is the default browser.
So far, the attack only works when launched through the Safari browser, but it is possible that the vulnerability could be exploited through other browsers as well. Safari is based on WebKit, which is also used in Google's Chrome and other less-popular Windows browsers. [via Threat Post]