Friday, May 26, 2017

NTFS bug allows sites to crash Windows 7/8.1 computers

Visiting a malicious Web site can crash computers with Windows or 8.1, with a simple reference to a special system file name.

Do you remember the old bug that crashed Windows 95 and 98 when referring to files named "c:\con\con"? We once again face something similar, but this time affecting machines with Windows 7 and Windows 8.1 - fortunately the latest Windows 10 seems to be immune to this bug.

This time the case is about file names with "$MFT" in it, which are special files used by NTFS. When a web page refers to this location - for example, saying that the address of an image on the page is "c:\$MSFT\123" (a folder instead of a file) - the system locks the access to the folder and never releases it, causing the system to become slow, unstable, and in many case, ending up in a dreaded BSOD (Blue Screen of Death).

Since the bug no longer occurs in Windows 10, it remains to be seen whether MS will fix the bug in those older Windows... or use it as a way to make people want to upgrade to Windows 10. Until then, if your computer crashes while browsing the internet, you know what might have been ... (I imagine one of the ways to avoid the problem might be to add $MSFT to the list of things to filter by an adblocker, prevent the browser from trying to access these images).

No comments:

Post a Comment

Related Posts with Thumbnails

Amazon Store