Windows 10 bug causes BSOD when opening a specific path

Windows bug causes BSOD

A bug in Windows 10 causes the OS to crash with a blue screen of death (BSOD) if the user tries to open a specific path in the address bar of the browser or uses other Windows commands.

Last week, Twitter posted messages from a security researcher about two vulnerabilities in Windows that could be exploited by cybercriminals in different attacks.

The first vulnerability allows an unprivileged user or program to issue a single command to make an NTFS volume appear corrupted. While chkdsk has successfully resolved this issue in a number of tests, in one of the tests the command damaged the hard drive, which caused Windows to stop loading.say Bleeping Computer journalists.

The second bug can cause a blue screen of death when trying to open an unusual path.

Since October last year, security researcher Jonas Lykkegaard has repeatedly written about a path that immediately crashes Windows 10 and displays a blue screen of death after entering into the address bar of a browser (for example, Chrome),.

When developers want to interact with a Windows device directly, they can pass the Win32 device namespace path as an argument to various Windows software functions. This allows the application, for example, to interact directly with the physical disk, bypassing the file system.

I was able to find the Win32 device namespace path for the ‘console muxer driver’, which is used for kernel/usermode IPC.Jonas Lykkegaard told BleepingComputer.

Opening the path in various ways by a user, even with a low privilege level, can cause Windows 10 to shutdown:\\.\Globalroot\device\condrv\kernelconnect.

When connecting to a device, developers pass the extended attach attribute to correctly communicate with it.

As Lukkegaard discovered, when trying to connect to a path without passing an attribute, due to incorrect error checking is thrown an exception causing a blue screen of death. To make matters worse, low-privileged Windows users can try to connect to the device using this path, thereby allowing any program running on the computer to cause Windows 10 to crash.

Let me remind you that recently Google Project Zero discovered a 0-day vulnerability in the Windows kernel.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *