The proof-of-concept code for this exploit (which ended up being leaked) shows how a simple IFrame with an abnormally large height attribute causes a page fault in the kernel and triggers a BSOD (Blue Screen of Death). The flaw has been traced to an issue with the win32k.sys file (which is only in the 64-bit version of the OS).
Microsoft has acknowledged the issue and is working to track down and fix the exact problem. Looking in from the outside, it appears that at least some of the code in Safari is running in kernel mode rather than user mode. This could be (and this is a guess based on the symptoms of the crash) due to the QuickTime plug-in that Safari uses and its HDCP feature. If Safari is elevating permissions, or attempting to run this through the browser in kernel mode, that could be where the exploit lies.
For now the only way to avoid this is to not use Safari, or to wait for Microsoft (or Apple) to release a fix for the flaw in the win32k.sys file.
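The article's description of the trigger (an IFrame whose height attribute is far larger than any real page would use) also suggests a cheap mitigation point for anyone running a filtering proxy or auditing their own pages: scan served HTML for IFrames with absurd pixel heights and block or flag them. The following scanner is an added example written for this page, not code from the article or from Microsoft or Apple; the threshold constant, the sample HTML and the `example.test` URLs are all constructed assumptions.

```python
"""Flag <iframe> elements with an abnormally large height.

Added example, not from the original article. Checks both the height=""
attribute and a height: declaration inside style="". Only raw pixel values
are considered, because percentage heights are bounded by the viewport.
"""
import re
from html.parser import HTMLParser

# Assumed threshold: no legitimate embed needs more than this many pixels.
MAX_SANE_HEIGHT_PX = 100_000

_PIXEL_RE = re.compile(r"^\s*([0-9]+(?:\.[0-9]+)?)\s*(?:px)?\s*$", re.IGNORECASE)
_STYLE_HEIGHT_RE = re.compile(r"(?:^|;)\s*height\s*:\s*([0-9]+(?:\.[0-9]+)?)\s*px\s*(?:;|$)",
                              re.IGNORECASE)


def parse_height(value):
    """Return the pixel height from an attribute value, or None.

    Accepts bare numbers ("150") and px values ("150px"). Percentages and
    other units return None and are not judged.
    """
    if value is None:
        return None
    m = _PIXEL_RE.match(value)
    return float(m.group(1)) if m else None


def height_from_style(style):
    """Return the pixel height declared in an inline style, or None."""
    if style is None:
        return None
    m = _STYLE_HEIGHT_RE.search(style)
    return float(m.group(1)) if m else None


class _IFrameScanner(HTMLParser):
    """Collects (line, column, raw_value) for every oversized iframe."""

    def __init__(self, limit):
        super().__init__()
        self.limit = limit
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "iframe":
            return
        attr_map = {name.lower(): val for name, val in attrs}
        candidates = [
            (parse_height(attr_map.get("height")), attr_map.get("height")),
            (height_from_style(attr_map.get("style")), attr_map.get("style")),
        ]
        for pixels, raw in candidates:
            if pixels is not None and pixels > self.limit:
                line, col = self.getpos()
                self.findings.append((line, col, raw))
                break  # one finding per element is enough


def find_oversized_iframes(html, limit=MAX_SANE_HEIGHT_PX):
    """Scan an HTML document and return the list of oversized iframes."""
    scanner = _IFrameScanner(limit)
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample page: one normal embed, one oversized attribute,
# one oversized inline style, one percentage height (ignored).
SAMPLE_HTML = """<html><body>
<iframe src="https://example.test/a" width="300" height="150"></iframe>
<iframe src="https://example.test/b" height="99999999"></iframe>
<iframe src="https://example.test/c" style="width: 100%; height: 50000000px"></iframe>
<iframe src="https://example.test/d" height="100%"></iframe>
</body></html>"""

if __name__ == "__main__":
    for line, col, raw in find_oversized_iframes(SAMPLE_HTML):
        print(f"line {line}, col {col}: oversized iframe height {raw!r}")
```

Run on the constructed sample, the scanner reports the second and third IFrames (lines 3 and 4) and leaves the 150-pixel and percentage-height embeds alone. The same `find_oversized_iframes` call can be dropped into a response-rewriting proxy hook to strip or neutralise matching elements before they reach a vulnerable browser.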