Depending upon which metrics one uses, Safari has somewhere in the neighborhood of nine to 11 percent market share. The only known attack vector for this vulnerability right now is the Safari browser running on Windows 7, which is not the most common combination. “We are currently examining the issue and will take appropriate action to help ensure the customers are protected,” Jerry Bryant, group manager of response communications in Microsoft’s Trustworhty Computing Group said. Microsoft officials have not confirmed the vulnerability, but said that they’re looking into it. Successful exploitation may allow execution of arbitrary code with kernel-mode privileges,” the Secunia advisory said. a specially crafted web page containing an IFRAME with an overly large “height” attribute viewed using the Apple Safari browser. The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. “A vulnerability has been discovered in Micros oft Windows, which can be exploited by malicious people to potentially compromise a user’s system. The exploit gives the attacker the ability to run arbitrary code on the victim’s machine. In a message on Twitter, a researcher named w3bd3vil said that he had found a method for exploiting the vulnerability by simply feeding an iframe with an overly large height to Safari. The bug was first reported a couple of days ago by an independent researcher and confirmed by Secunia. Researchers are warning about a new remotely exploitable vulnerability in 64-bit Windows 7 that can be used by an attacker to run arbitrary code on a vulnerable machine.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |