Accessing This Location Can Cause Windows 10 To Crash
A new Windows 10 bug is causing the operating system to crash to a Blue Screen of Death when opening a path in a browser’s URL bar or using certain Windows commands.
These bugs were shared on Twitter by a Windows security researcher that could potentially be used by attackers. The first one allows a user or program with insufficient privileges to enter a commond that causes an NTFS volume to be marked as corrupted. This can be fixed with a chkdsk, however it is possible for the command to corrupt the hard drive and prevent Windows from starting.
This Path Causes A Blue Screen of Death
Windows security researcher, Jonas Lykkegaard, had first tweeted in October about a path that when entered into the Chrome URL bar, immediately causes Windows 10 to crash to a blue screen.
When a developer wants to interact directly with Windows devices, they can use a Win32 device namespace path as an argument to several Windows programming functions. This can allow an application to directly interact with a physical disk without having to go through the file system.
Lykkegaard discovered this Win32 device namespace path that he believes is used for ‘kernel / usermode ipc.’ Windows 10 crashes whenever opening the path even from a user with insufficient privileges.
\\.\globalroot\device\condrv\kernelconnect
Lykkegaard discovered that if you try connect to this path without passing the attribute due to impropper error checking, it causes an exception that results in a crash to a Blue Screen of Death.
How This Can Be Exploited By Threat Actors
It has yet to be decided if this can be used for remote execution of a code, but it can be used as a DDOS attack on the computer.
If a threat actor has admin credentials on a network, they can remotely execute a command that accesses this path on all the Windows 10 devices on that network, causing them to crash.