Industry News » 64-bit Windows 7 Crashed by Tags
64-bit Windows 7 Crashed by Tags
A blue-screen-of-death bug has been found in Windows 7 and currently remains unpatched.
This critical flaw is provoked by a simple HTML script which induces a kernel-triggered page fault in the system’s RAM, causing the system to crash. The crash fault is known to only affect the 64-bit version of Windows 7, with no other versions of Windows seen to be affected. Further to this, the flaw has only been seen when using Apple’s Safari browser.
The flaw is thought to allow malicious code to be injected into a user’s machine at the kernel level, which may allow hackers to seize control of a machine. Proof-of-concept code has leaked on the internet, though the simple nature of the HTML script that causes the issue--an IFRAME tag with an excessively large height attribute--should be easily reproducible by even novice hackers.
(Source: El Reg)
Epicentre Says: “A flaw of this kind has a very specific set of conditions required to trigger it, and with the flaw currently relying on an Apple browser being used on a 64-bit Windows machine, the chances of users being affected appears to be quite low. However, it’s only a matter of time until the underlying issue is exploited in another way, in another browser.”
