1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Windows 7 Plus Web Browser Plus Special Sauce Make Simple Blue Screen Recipe!

Discussion in 'News' started by qubit, Dec 22, 2011.

  1. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    14,110 (4.05/day)
    Thanks Received:
    7,747
    Location:
    Quantum Well UK
    To make this delicious poison dish, simply take a large dollop of Windows 7 Professional, mix it with a portion of Safari and add a dash of special iFrame sauce and voila! instant Blue Screen of Death. The flaw is triggered by running Apple's Safari web browser on a fully patched 64-bit Windows 7 Professional, then feeding it a web page containing a simple iFrame with an overly long height attribute, like this: < iframe height='18082563'> (remove the space after the first angle bracket) Result: Windows 7 falls over instantly with a memory corruption error. Ouch. Interestingly, it seems that 32-bit Windows 7 doesn't suffer from this vulnerability and neither does XP SP3 32-bit, although this is by no means certain at this point. The flaw appears to be in the win32k.sys kernel-mode driver, which is a common source of critical Windows vulnerabilities. It was first reported by Twitter user webDEViL (@w3bd3vil) and being a zero day vulnerability, there's currently no fix or workaround for it. However, the worst part about this critical vulnerability, is that Safari runs 100% in User Mode, which is effectively a type of sandbox, preventing an application from bringing down Windows, regardless of what it does. There's obviously a little loophole here though.

    [​IMG] [​IMG]

    To prevent a malicious web page from taking out Windows 7 at the moment, inspection of every web page before being rendered by the browser would have to be performed by installed security software, which would tend to reduce browsing performance and increase CPU usage. Alternatively, just don't use Safari.

    Respected security outfit Secunia has looked at this vulnerability and believe that the crash could be used to execute malicious code, rather than just kill the operating system. They have issued advisory SA47237 about this problem:
    Additionally, Secunia's chief security specialist Carsten Eiram, expanded on this problem:
    As can be expected, this rather embarrassing zero day security flaw is being urgently looked into by Microsoft: "We are currently examining the issue and will take appropriate action to help ensure customers are protected" said Jerry Bryant, Group Manager, Response Communications Microsoft Trustworthy Computing. Of course, one must ask why is it only Safari that does this, so Apple should be equally concerned to fix their browser.

    Below is an 11 second video demonstration of the flaw:



    Source: InfoWorld
     
    Last edited by a moderator: May 9, 2016
    AlienIsGOD says thanks.
  2. AlienIsGOD

    AlienIsGOD

    Joined:
    Aug 9, 2008
    Messages:
    4,399 (1.36/day)
    Thanks Received:
    2,515
    Location:
    Kingston, Ontario Canada
    Thanks Qubit :D now i know how to piss all my friends off that run 7 64bit :toast: :toast::pimp: :respect:
     
    qubit says thanks.
  3. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    14,110 (4.05/day)
    Thanks Received:
    7,747
    Location:
    Quantum Well UK
    Yes, I can't wait to try it either. :D

    Anyone want to try it and report on it here?
     
    Last edited: Dec 22, 2011
    AlienIsGOD says thanks.
  4. BlackOmega

    BlackOmega

    Joined:
    Feb 7, 2009
    Messages:
    620 (0.20/day)
    Thanks Received:
    158
    Location:
    Michigan, USA
    People actually use Safari on Windows??? :twitch:

    I think it sucks on Mac, now I have all the more reason to hate Safari.
     
    1c3d0g says thanks.
  5. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    9,680 (2.28/day)
    Thanks Received:
    2,162
    Win X64 uses random writes for the kernel and locations as a security measure. It seems like this is just a memory overflow that causes the system to freak out about safari not writing to its own memory. Safari soumds like it has a issues with the x64 setup.
     
    10 Year Member at TPU 10 Million points folded for TPU
  6. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,817 (3.65/day)
    Thanks Received:
    5,629
    Location:
    Cheeseland (Wisconsin, USA)
    Interesting.
    Is Safari on Windows a 32 or 64 bit app?
    How do the other browsers fair between their 32 and 64 bit versions?
     
    10 Year Member at TPU
  7. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    22,246 (6.06/day)
    Thanks Received:
    8,991
    Location:
    'Merica. The Great SOUTH!
    I like how you left out the fact the same iframe will not cause a crash in IE, Opera or Firefox and is solely isolated to Safari. This is a Safari issue. Not a Windows issue.
     
    Jstn7477 says thanks.
    10 Year Member at TPU
  8. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    45,846 (9.87/day)
    Thanks Received:
    13,300
    Location:
    Australalalalalaia.
    i dont think anyone at all uses 64 bit browsers. they just use 32 bit.
     
    10 Year Member at TPU
  9. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    9,680 (2.28/day)
    Thanks Received:
    2,162
    IE is 64 bit capable.
     
    1c3d0g says thanks.
    10 Year Member at TPU 10 Million points folded for TPU
  10. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    45,846 (9.87/day)
    Thanks Received:
    13,300
    Location:
    Australalalalalaia.
    separate .exe that requires separate plugins etc. hence, no one uses it.
     
    10 Year Member at TPU
  11. johnspack

    johnspack

    Joined:
    Oct 6, 2007
    Messages:
    5,062 (1.43/day)
    Thanks Received:
    1,185
    Location:
    Nelson B.C. Canada
    Funny, all I've used is 64bit browsers for at least 2 years. Far more secure normally, as most malware is written for 32bit browsers. I'll stick with firefox64 now though, especially since flash is now working under 64 bit. I truly believe 32 bit browsers are much more vulnerable.
     
  12. micropage7

    micropage7

    Joined:
    Mar 26, 2010
    Messages:
    7,387 (2.79/day)
    Thanks Received:
    1,914
    Location:
    Jakarta, Indonesia
    agree. its more like safari issue that makes windows crash
    if its ok on FF, chrome and opera. its must be safari issue
     
  13. theJesus

    theJesus

    Joined:
    Jul 20, 2008
    Messages:
    4,015 (1.23/day)
    Thanks Received:
    917
    Location:
    Ohio
    I use it on the rare occasions that I use IE
     
  14. johnspack

    johnspack

    Joined:
    Oct 6, 2007
    Messages:
    5,062 (1.43/day)
    Thanks Received:
    1,185
    Location:
    Nelson B.C. Canada
    If chrome had a 64 bit version, I might consider it, but security demands 64bit in this day and age....
     
  15. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    22,246 (6.06/day)
    Thanks Received:
    8,991
    Location:
    'Merica. The Great SOUTH!
    I dont believe a 64-bit browser gives you anymore security then a 32-bit one. Do you have any links to support this claim?
     
    10 Year Member at TPU
  16. Undead46

    Undead46 New Member

    Joined:
    Feb 16, 2011
    Messages:
    256 (0.11/day)
    Thanks Received:
    23
    Location:
    USA, Texas
    Who the hell runs Safari on Win7? :)
     
    1c3d0g says thanks.
  17. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    14,110 (4.05/day)
    Thanks Received:
    7,747
    Location:
    Quantum Well UK
    The fault is in Windows and Safari, as I clearly explained in the article. Read it over again carefully, peeps. ;)
     
    garyinhere says thanks.
  18. garyinhere

    garyinhere

    Joined:
    Jan 26, 2010
    Messages:
    1,641 (0.61/day)
    Thanks Received:
    1,120
    Location:
    I'm roomates with Corey Feldman

    "If you put a penis where a vag was it won't work well" Chaz
    Bono
     
    qubit says thanks.
  19. RejZoR

    RejZoR

    Joined:
    Oct 2, 2004
    Messages:
    11,120 (2.39/day)
    Thanks Received:
    4,997
    Location:
    Europe/Slovenia
    Why would anyone want to use Safari on Windows system?
     
    10 Year Member at TPU
  20. Drone

    Drone

    Joined:
    Sep 1, 2010
    Messages:
    5,671 (2.28/day)
    Thanks Received:
    6,102
    Opera 12 alpha in Windows 8 also can BSOD with corrupted memory error, I've discovered that bug when development builds of Windows 8 and Opera 12 just got released. Shame that Windows kernel is so faulty, there are some common kernel bugs since Windows 98 that affect all versions and weren't fixed even today.
     
  21. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    22,246 (6.06/day)
    Thanks Received:
    8,991
    Location:
    'Merica. The Great SOUTH!
    Ah so you are now gonna cover every single application that may crash an OS?
     
    10 Year Member at TPU
  22. Grings

    Grings

    Joined:
    Nov 16, 2006
    Messages:
    2,717 (0.70/day)
    Thanks Received:
    446
    Location:
    Blighty
    Obviously Macs are more reliable than PC's
     
    10 Year Member at TPU
  23. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    14,110 (4.05/day)
    Thanks Received:
    7,747
    Location:
    Quantum Well UK
    What's tickled you, mailman? There are two separate flaws here. Put them together and kaboom! It's pretty serious.

    No need for anyone to apologize for Microsoft and Apple - they should fix it. It's good that this problem was exposed, as both pieces of software will now be that little bit more secure once these are patched. And who knows what other related flaws will be fixed once these two are patched.

    That's a joke, right?
     
  24. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    22,246 (6.06/day)
    Thanks Received:
    8,991
    Location:
    'Merica. The Great SOUTH!
    I'm not pickin at ya man. I'm just saying its not a big deal. I mean any software not coded correctly can cause a BSOD in Windows. Is this news because you personally don't like Apple and Microsoft or do the people of TPU use Safari? See what I'm getting at? Anyway opinion aside its a good write up. :toast:
     
    qubit says thanks.
    10 Year Member at TPU
  25. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    14,110 (4.05/day)
    Thanks Received:
    7,747
    Location:
    Quantum Well UK
    Oh yes ya are! :laugh: :toast:

    No, the kicker is that it's user mode software, which isn't supposed to crash the OS, whatever it does.

    Also, of course I had to write up this story, because:

    - It's been widely reported, it's easy to try out and it's a bit of an oops moment for MS, which is always newsworthy, lol

    - It's nothing to do with my feelings about Apple & Microsoft: any company would be fair game over a cockup like this :)

    - Just look at the headline I made up! And the first line to go with it. I beta tested it for humour on a couple of friends before publishing it and it passed the laugh test with flying colours! I think it's my favourite title ever :D
     
    robn says thanks.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)