the bluescreen is because, well, "CRITICAL_OBJECT_TERMINATION". in Windows, some processes, if they terminate, cause the entire operating system to stop with a bugcheck. think of it like init dying in linux.<p>there sadly is no 'stack backtrace'. it looks like he's managed to send some message to csrss.exe that caused it to crash with an invalid memory operation.<p>this is bad, it might even be exploitable. even though the exploit would be in csrss, which is not kernel mode, it's still extremely important and trusted. also, untrusted low-user code could make this call to privilege escalate.<p>it's worth noting that though the author states "I stumbled across the bug inadvertently while working on something totally unrelated to security, and decided to publish my findings so that this can be fixed by Microsoft.", microsoft actually has a security team that can be found here: <a href="http://technet.microsoft.com/en-us/security/ff852094.aspx" rel="nofollow">http://technet.microsoft.com/en-us/security/ff852094.aspx</a> (google for "microsoft report security bug")<p>the bugs you report to them remain confidential until they are fixed. this way, potentially bad exploit code isn't floating around the internet for some indeterminate amount of time. like this!
This isn't really an exploit, except insofar as a local user can cause a DoS for the system. Until there's a demonstration that arbitrary code can be invoked with elevated privileges, it's just a bug.
Until proven otherwise, this totally violates full Disclosure policies. I know they are like 'gentlemen's agreements' but this feels bad, and looks bad, like the author is only out for some internet fame. I cannot believe that he in any way tried to contact Microsoft, but clearly took his time on this publication.
Ok, tried it. This DOES NOT trigger blue screen on Windows 8 (64bit) / Visual Studio 2012. I'm pretty sure the author has some other problems in his environment.
I hate the idea of "full disclosure." I, instead, love what this author has done. You found a bug, you're posting about it. Great. Any decent, respectable, commercial enterprise should have <i>somebody</i> watching sites like this, looking for posts like these. They shouldn't rely on somebody taking time away from themselves or their projects and writing up a bug report. No.