Security company Secunia has flagged a vulnerability in Windows 7 as highly critical, after it verified a tweeted claim that the operating system could be forced into a "blue screen of death" (BSOD) under certain quirky circumstances.
According to the advisory, the vulnerability is caused by an error in a Windows system file, win32k.sys, which can be exploited to corrupt memory. The advisory states that it could be used to allow the execution of arbitrary code to take control of the machine.
There is a caveat, however: the machine has to be running the 64-bit version of Windows 7, and at the moment the only known way to trigger the vulnerability is when a specially crafted website containing an inline frame element with an overly large height attribute is viewed using Safari. Other browsers do not appear to be vulnerable.
Secunia states that fully patched versions of Windows 7 64-bit are vulnerable, classifying this as a zero-day exploit by definition; however, it is unlikely that many users will be affected.
According to the most recent statistics from StatCounter, Safari accounted for only 5.92 per cent of global browser use last month. Although there isn't enough information to build a correlation between the two statistics, it's worth noting that Safari is the default browser on OS X, an operating system that accounted for only 7.05 per cent of global operating system use last month.
Given this, it would be reasonable to assume that users running Safari on Windows 7 make up a very small proportion of all users, and certainly not in excess of 5.92 per cent of the total. Of those, vulnerable 64-bit users would then represent a smaller subset still.