New bug causes Windows to crash, repeatedly
A new Windows bug has been discovered which is affecting all versions of the OS except Windows 10 and is completely crashing the system and forcing a reboot.
The glitch here is the method which Windows uses what is called “special” file names which causes the operating system to lock a file and never release it, which means that it can no longer perform any other operations, ultimately crashing with “Blue Screen of Death” (BSOD) or system freeze.
The issue is in the NTFS driver and the method it uses to read special file names which is used by Windows and used to refer to hardware devices. This means they are not directly linked to files stored on the local drives.
Because these names do not directly point towards files, they are accessible from any location, which means that any bug impacting them can be triggered from any location as well.
The $MFT Bug!
This is the case with this issue which is impacting the $MFT file name that Microsoft uses for its metadata files used by the Windows NTFS filesystem. In a report by Arstechnica, a $MFT file exists in the root directory of each NTFS volume, but it is not available to apps and is hidden in the operating system, and this makes it impossible to access directly by users.
Here the new bug kicks in and even though attempts to access $MFT are blocked by default in any Windows version, it appears that pointing directly to this file name in Windows 8.1 and older versions could cause the OS to hang or return a BSOD.
The path that appears to lock the file is C:-$MFT-123 and running it in Internet causes Windows to freeze, with no apps allowed to launch after that. The reason being the OS locks the file and never unlocks it to block any other attempt to access the file system, but at the same time, also blocks other programs from launching.
Impact
The path can easily be used for more complicated/concentrated attacks. This means like links to images posted on websites, or directly sent via email or instant messaging. Browsers like Google Chrome, are blocking it, but Internet Explorer appears to be fully vulnerable, crashing the system every time the test was run.
Microsoft is aware of this bug, as Arstechnica notes. But there is still no word on a possible patch, which means the company will be waiting to release the patch in its next month’s Patch Tuesday cycle.
(source)