New Remote Flaw In 64-Bit Windows 7

Trailrunner7 writes "Researchers are warning about a new remotely exploitable vulnerability in 64-bit Windows 7 that can be used by an attacker to run arbitrary code on a vulnerable machine. The bug was first reported a couple of days ago by an independent researcher and confirmed by Secunia. In a message on Twitter, a researcher named w3bd3vil said that he had found a method for exploiting the vulnerability by simply feeding an iframe with an overly large height to Safari. The exploit gives the attacker the ability to run arbitrary code on the victim's machine."

Does anyone read anymore?

[mwfischer]

It's a Safari bug that happens to be run on Windows.

As much as I would like to see Microsoft go down in flames, it's a Safari bug.

Re:Does anyone read anymore?

[rubycodez]

Don't you read anymore? "The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory". This is Microsoft buggy code causing issue, Safari problem is merely one way to cause rooting of machine, other softwares using this service will undoubtedly provide more cases.

Re:Headline.. Flaw in APPLE Safari for windows fou

[rubycodez]

article text: "The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory". It is Microsoft's usual sloppy coding and lax security being the root cause of making safari problem possible.