A highly critical flaw affects Windows 7. The vulnerability allows to compromise user’s system. It is due to a flaw in win32k.sys and can be used to crash memory subsystem. An attack can be launched eg. via crafted webpage containing iFRAME with overly long „height“ parameter when using Safari browser. A successful attack allows to launch arbitrary code.
The vulnerability was found in Windows 7 Professional 64-bit. Other versions may be vulnerable also.

Source: Secunia
20.12.2011