In our tests, we have confirmed this bug to be present on Windows 10 version 1709 and later.
Lykkegaard discovered if you try to connect to the path without passing the attribute due to improper error checking, it will cause an exception that causes a Blue Screen of Death (BSOD) crash in Windows 10.Įven worse, low privileged Windows users can attempt to connect to the device using this path, making it easy for any program executed on a computer to crash Windows 10. When connecting to this device, developers are expected to pass along the 'attach' extended attribute to communicate with the device properly.ĬDCreateKernlConnection showing the 'attach' extended attribute \\.\globalroot\device\condrv\kernelconnect Lykkegaard told BleepingComputer that he discovered the following Win32 device namespace path for the 'console multiplexer driver' that he believes is used for 'kernel / usermode ipc.' When opening the path in various ways, even from low-privileged users, it would cause Windows 10 to crash. For example, this allows an application to interact directly with a physical disk without going through the file system. When developers want to interact with Windows devices directly, they can pass a Win32 device namespace path as an argument to various Windows programming functions. Opening this path causes a BSODĪ Windows 10 bug first discovered by security researcher Walied Assar, and later publicly disclosed by security researcher Jonas Lykkegaard, causes Windows 10 to crash and display a BSOD when a special path is entered into the Chrome address bar. Today, we look at the second bug that causes Windows 10 to perform a BSOD crash by merely attempting to open an unusual path. While chkdsk resolved this issue in many tests, one of our tests showed that the command caused corruption on a hard drive that prevented Windows from starting. The first bug allows an unprivileged user or program to enter a single command that causes an NTFS volume to become marked as corrupted. Last week, BleepingComputer learned of two bugs disclosed on Twitter by a Windows security researcher that can be abused by attackers in various attacks. A bug in Windows 10 causes the operating system to crash with a Blue Screen of Death simply by opening a certain path in a browser's address bar or using other Windows commands.
0 kommentar(er)
