A new bug in the Windows 10 operating system can lead to a blue screen of death (BSOD) if the user enters a specific path into the browser address bar. Also BSOD can cause the use of Windows commands.
This is the second vulnerability reported by Jonas Luckgard, a cybersecurity researcher specializing in Windows , in the past few days . Recall that the first 0-day can cost the user data on a hard disk with an NTFS file system.
Lukgard has warned about the BSOD issue several times on Twitter since October 2020. If you enter a specific path in the address bar of the Chrome browser, Windows 10 will immediately shut down and issue a BSOD.
According to Luckgard, the bug is directly related to the ability to interact with a Windows device directly – for example, when applications access the disk directly, bypassing the file system.
Lukgard discovered a special path that the researcher understood is used for “kernel / usermode ipc”. If you try to open this path in different ways (even on behalf of a user with low privileges), Windows 10 will shut down. The specialist led this path, but we warn everyone against experimenting with it:
\\. \ globalroot \ device \ condrv \ kernelconnect
So far, experts are at a loss to say whether cybercriminals can use this bug to remotely execute code or escalate privileges. However, it is currently known that an attacker can conduct a DoS attack using this error. The vulnerability affects Windows 10 1709 and later versions of the operating system.