A new Windows 10 bug is causing the operating system to crash to a Blue Screen of Death when opening a path in a browser’s URL bar or using certain Windows commands.
These bugs were shared on Twitter by a Windows security researcher that could potentially be used by attackers. The first one allows a user or program with insufficient privileges to enter a commond that causes an NTFS volume to be marked as corrupted. This can be fixed with a chkdsk, however it is possible for the command to corrupt the hard drive and prevent Windows from starting.
This Path Causes A Blue Screen of Death
Windows security researcher, Jonas Lykkegaard, had first tweeted in October about a path that when entered into the Chrome URL bar, immediately causes Windows 10 to crash to a blue screen.
When a developer wants to interact directly with Windows devices, they can use a Win32 device namespace path as an argument to several Windows programming functions. This can allow an application to directly interact with a physical disk without having to go through the file system.
Lykkegaard discovered this Win32 device namespace path that he believes is used for ‘kernel / usermode ipc.’ Windows 10 crashes whenever opening the path even from a user with insufficient privileges.
Lykkegaard discovered that if you try connect to this path without passing the attribute due to impropper error checking, it causes an exception that results in a crash to a Blue Screen of Death.
How This Can Be Exploited By Threat Actors
It has yet to be decided if this can be used for remote execution of a code, but it can be used as a DDOS attack on the computer.
If a threat actor has admin credentials on a network, they can remotely execute a command that accesses this path on all the Windows 10 devices on that network, causing them to crash.