Critical Bug Can Crash Any Windows Version Except Windows 10

Place you can talk about other things not related to autopatcher.
Post Reply
User avatar
Release Maintainer
Release Maintainer
Posts: 1967
Joined: Mon Oct 28, 2013 10:47 am
Location: Australia

Critical Bug Can Crash Any Windows Version Except Windows 10

Post by Whatacrock »

Critical Bug Can Crash Any Windows Version Except Windows 10

A new Windows bug has been discovered, this time affecting all versions of the operating system except Windows 10 and completely crashing the system and forcing a reboot.

Basically, a glitch in the way Windows handles what are being called "special" file names causes the operating system to lock a file and never release it, which in turns means that it can no longer perform any other operations, eventually crashing either with a BSOD or with a system freeze.

The issue resides in the NTFS driver and the way it reads special file names that Windows uses to refer to hardware devices, so they’re not directly linked to files stored on the local drives.

Since these names do not point directly to files, they can be accessed from any location, which in turns means that any bug impacting them can be triggered from any location as well.

Beware the $MFT bug

This is the case with this new issue that’s impacting the $MFT file name that Microsoft used for metadata files used by the Windows NTFS filesystem. As Ars explains, a $MFT file exists in the root directly of each NTFS volume, but it’s not available to apps and is hidden in the operating system, and this makes it impossible to access directly by users.

This is where the new bug kicks in. Even though attempts to access $MFT are blocked by default in any Windows version, it appears that pointing directly to this file name in Windows 8.1 and older could cause the operating system to hang or to return a BSOD.

The path that appears to lock the file is c:\$MFT\123 and running it in Internet Explorer causes Windows to freeze, with no new apps allowed to launch after that. This is because the operating system locks the file and never unlocks it to block any other attempt to access the file system, but at the same time, it also blocks other programs from launching.

The path can be easily used for more complex attacks, like links to images posted on websites, or directly sent via email or instant messaging. Some browsers, like Google Chrome, are already blocking it, but Internet Explorer appears to be fully vulnerable, crashing every time we ran this test.

Microsoft is aware of the bug, the aforementioned source notes, but there’s still no word on a possible patch, with the company likely to wait until next month’s Patch Tuesday to fix it. ... 6092.shtml
"Now if you Sons of B*@ches got anything else to say, NOW'S THE F@#%ING TIME!!"
Post Reply