Highly critical zero day vulnerability in Windows discovered

Discussion in 'other security issues & news' started by vasa1, Dec 20, 2011.

Thread Status:
Not open for further replies.
  1. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    At the moment this is just a proof of concept and only has been shown to work with Safari.

    I'm not too worried =p
     
  3. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Pardon me if I don't fall over from shock here. Well, anyway, IFrame huh? Should be fairly easy to avoid that.
     
  4. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    Good ole IFrame. Websites still use that lol...
     
  5. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Clearly highly critical... lol. Gotta love some article titles. The funny part is I know a few people with MacBooks, even they don't use Safari.
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    This is a Windows vulnerability. Just because the POC uses Safari does not mean it's Safari specific.
     
  7. MessageBoxA

    MessageBoxA Registered Member

    Joined:
    Jun 20, 2011
    Posts:
    62
    Not so fast, this NtGdiDrawStream exploit appears to be a bug in the OS itself and should be exploitable from nearly anywhere... this exploit can be triggered through the GdiDrawStream function exported from GDI32.DLL library.... which nearly all usermode applications have loaded in their address space.

    It's funny how many of these undocumented functions have holes.

    Best Wishes,
    -MessageBoxA
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Oh, I know that. That's why I said this:

    I'm just not worried about a POC.
     
  9. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    172,390
    Location:
    Texas
    http://news.cnet.com/8301-27080_3-57345683-245/microsoft-reviewing-reported-windows-7-safari-hole/
     
  10. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
    It's standard procedure to downplay anything negative, isn't it?
     
  11. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    What I think truly stands out in this bug alert is that, for the first time that I'm aware of (I don't possess all info... :D), Windows 7 x86 users are off the hook. :argh:
     
  12. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Clearly, even though I can think of several *real* highly critical exploits this year.
     
  13. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Any examples other than the most bloated browser?
     
  14. guest

    guest Guest

    http://secunia.com/community/advisories/terminology/

     
  15. trismegistos

    trismegistos Registered Member

    Joined:
    Jan 29, 2009
    Posts:
    363
    They have just patched the very critical kernel vulnerability on TTF parsing (win32k.sys) used by Duqu. And here again is a vulnerability on win32k.sys which can be used as an exploit that can be used for remote code execution and privilege escalation. At least no working zero day kernel exploit yet.
     
  16. guest

    guest Guest

    imagine that, everybody's super hack-proof Win 7
    HACKED :'(
     
  17. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I don't think anyone would say Win7 is hackproof. Though I think some people give it a bit too much credit.
     
  18. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  19. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Yeah, real critical:

    "at this time, our colleagues in the US do not believe that the vulnerability is capable of infecting Windows systems with malware"

    But even if it can be used:

    "Although the vulnerability lies not in the browser but in this Windows component, the relevant function is frequently called by browsers. Microsoft considers that, for this reason, Internet Explorer versions prior to 9 could be affected by this problem and recommends that individuals and business users should upgrade to the latest version."

    Sounds like IE9/10 users are perfectly safe, and the fact this can be done in Safari in the first place sounds like a flaw. Using flaws to discover flaws, weird.
     