tech news 

Windows 10: one address manages to completely crash it

Savior

We know that software is full of bugs and it is almost impossible to avoid them (if not through in-depth analyzes that sometimes affect the mathematician, but which on complex software would be almost impossible). And operating systems are too, but here they become more delicate especially for those operating systems that are used in millions of PCs around the world and which could therefore be novice to the safety of the individual user or of an entire community. This is the case of Windows 10 and the possibility of completely crashing it with a simple path!

In this case we are talking about a particular path that, if inserted in the Chrome address bar, leads to an iserobaile BSOD (Blue Screen of Death, in English).

windows 10
A fake BSOD. Credits: spiceworksstatic.com

Windows 10: the story of the bug discovered since October but not fixed yet

However, the new bug isn't actually as recent as you might think. The first to find out was the security researcher Jonas Lykkegaard, the same who discovered the cause of the corruption of NTFS formatted drives on Windows 10 (always due to another bug).

The researcher in question has been talking about it online since October . Microsoft, when asked about this, commented:

"Microsoft has an ongoing commitment to its consumers to investigate reported security issues and we try to deliver updates to affected devices as quickly as possible."

windows 10
The real BSOD that shows up after typing that path

The bug starts from a special prefix used in particular paths in Windows : “. ". The paths that begin in this mood, allow you to access Win32 Device Namespace, a special "space" of the operating system that allows you to directly address the various connected devices, and this allows you to avoid using the classic Win32 file namespace (what we are used to thinking of a path in short).

In this way, access to physical disks and volumes is done directly, without going through the file system, if the API supports this type of access. Many devices other than disks can be accessed this way (using the CreateFile and DefineDosDevice functions, for example). An example is accessing the COM1 port.

The bug in question affects a particular device reachable in this way , the " console multiplexer driver " which is presumed to be responsible for the transition from usermode to kernel space and vice versa, and the path in question is: ". Globalroot device condrv kernelconnect " .

The device is obviously meant to be reached in this way, and in order for a service to communicate with this device, it needs to pass an extended “attach” argument. If this does not happen, as in this case, the operating system responds with a BSOD .

This problem affects all versions of Windows 10, certainly from 1709 to subsequent versions. It is not clear to date if the bug can be exploited for malicious purposes, but it is certainly very annoying because it could be used to force BSODs after each user login. Of course, the ability to crash an operating system is no small feat. We must therefore pay attention, hoping Microsoft will fix it as soon as possible!

The article Windows 10: An address manages to completely crash it comes from Tech CuE .