01-18-2021 , 08:48 AM
A bug in Windows 10 causes the operating system to crash with a Blue Screen of Death simply by opening a certain path in a browser's address bar or using other Windows commands.
Last week, BleepingComputer learned of two bugs disclosed on Twitter by a Windows security researcher that can be abused by attackers in various attacks.
The first bug allows an unprivileged user or program to enter a single command that causes an NTFS volume to become marked as corrupted. While chkdsk resolved this issue in many tests, one of our tests showed that the command caused corruption on a hard drive that prevented Windows from starting.
Today, we look at the second bug that causes Windows 10 to perform a BSOD crash by merely attempting to open an unusual path.
Opening this path causes a BSOD
Since October, Windows security researcher Jonas Lykkegaard has tweeted numerous times about a path that would immediately cause Windows 10 to crash and display a BSOD when entered into the Chrome address bar.
When developers want to interact with Windows devices directly, they can pass a Win32 device namespace path as an argument to various Windows programming functions. For example, this allows an application to interact directly with a physical disk without going through the file system.
Lykkegaard told BleepingComputer that he discovered the following Win32 device namespace path for the 'console multiplexer driver' that he believes is used for 'kernel / usermode ipc.' When opening the path in various ways, even from low-privileged users, it would cause Windows 10 to crash.
\\.\globalroot\device\condrv\kernelconnect
When connecting to this device, developers are expected to pass along the 'attach' extended attribute to communicate with the device properly.
Read more info HERE