Researcher Demonstrates USB Stick That Can BSOD Any Windows 10 Device Even If Locked

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, May 3, 2018.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

  2. fantaskarsef

    fantaskarsef Ancient Guru

    I need this thing for when I don't want to work... wait, my current laptop's still on 7 ENT :D
     
  3. Kaarme

    Kaarme Ancient Guru

    I've never seen Win10's BSOD. Although I've seen it getting totally jammed and stuck with a static image a whole bunch of times, requiring a hardware reset. But that's probably hardware/driver related, not Win10's fault per se, I imagine.
     
  4. Viper666

    Viper666 Guest

    Well, I sort of agree with Microsoft's decision to downgrade the risk, as requiring physical access may lead to even more damage by using a USB Killer, for example. Why just crash the system when you can destroy it?
     

  5. FM57

    FM57 Master Guru

    Bounty hunter.

    He wants the US$ for the discovery of the flaw and Microsoft refuses to hand him his candy.
     
  6. David3k

    David3k Member Guru

    It's actually much worse than you think; it's not buggy hardware or thumbdrive firmware causing an issue: pretty much any standard USB thumb drive can be turned into this by simply intentionally malforming an NTFS partition (only a partially completed partition, in this case), which is easily done.
    The written partition is automatically mounted when the drive is plugged in but the way it is modified causes the filesystem stack to crash, which, unfortunately for Windows, is a kernel component. Why Microsoft has not created filesystem miniports to the kernel and moved the filesystem driver stack into a userland environment is beyond me, considering malformed removable filesystems have been a cause of many a bluescreen since even before 2003.

    The problem here is if it is a full memory dump, that dumpfile can easily be copied with minimal interaction by another automated USB boot drive to replace the "crashing" drive, so it's worse than just breaking the hardware.

    The biggest issue here is it doesn't even have to be a USB thumbdrive: since a BSOD memory dump file is readable by any user on the system, they can write a program to launch on user login that sends the latest crashdump to a remote location using the BITS, then proceed to mount a malformed NTFS image. System crashes, memory dump is created, System reboots, and dumpfile is sent on the next login.

    All this and not one UAC elevation prompt was required.

    EDIT: The worst part about all this is it seems Microsoft outright said they're not going to even fix this issue and everything is working as intended.

    Further information and research here: https://github.com/mtivadar/windows10_ntfs_crash_dos
     
    Last edited: May 3, 2018
    scatman839 likes this.
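
A read-only check a defender could run against the crash-dump concern raised in the post above, added here as an example and not part of the thread or the linked repository. It reports the configured dump type and whether the dump file or minidump folder grants read access to broad non-administrative groups; the `CrashControl` key and its value names are standard Windows settings, while the list of groups treated as "broad" is this example's assumption.

```powershell
# Added example (not from the thread): read-only audit of crash-dump exposure.
# Run from an elevated prompt so the ACL on the dump file can be read.
$dumpTypes = @{
    0 = 'None'; 1 = 'Complete memory dump'; 2 = 'Kernel memory dump'
    3 = 'Small memory dump'; 7 = 'Automatic memory dump'
}
$cc   = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
$type = [int]$cc.CrashDumpEnabled
$typeName = if ($dumpTypes.ContainsKey($type)) { $dumpTypes[$type] } else { "Unknown ($type)" }

# Registry values may contain %SystemRoot%; expand before touching the file system.
$paths = @($cc.DumpFile, $cc.MinidumpDir) |
    Where-Object { $_ } |
    ForEach-Object { [Environment]::ExpandEnvironmentVariables($_) }

# Well-known SIDs for broad, non-administrative groups (assumed list, locale independent).
$broadSids = @{
    'S-1-1-0' = 'Everyone'; 'S-1-5-11' = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'; 'S-1-5-4' = 'INTERACTIVE'
}
$read = [System.Security.AccessControl.FileSystemRights]::ReadData

$report = foreach ($p in $paths) {
    if (-not (Test-Path -LiteralPath $p)) {
        [pscustomobject]@{ Path = $p; Status = 'not present'; BroadReaders = '' }
        continue
    }
    try {
        # Ask for rules keyed by SID so the comparison does not depend on display names.
        $rules = (Get-Acl -LiteralPath $p).GetAccessRules(
            $true, $true, [System.Security.Principal.SecurityIdentifier])
        $hits = $rules | Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            $broadSids.ContainsKey($_.IdentityReference.Value) -and
            (($_.FileSystemRights -band $read) -ne 0)
        } | ForEach-Object { $broadSids[$_.IdentityReference.Value] } | Select-Object -Unique
        [pscustomobject]@{
            Path         = $p
            Status       = if ($hits) { 'REVIEW: readable by broad group' } else { 'restricted' }
            BroadReaders = $hits -join ', '
        }
    } catch {
        [pscustomobject]@{ Path = $p; Status = "ACL unreadable: $($_.Exception.Message)"; BroadReaders = '' }
    }
}

"Dump type: $typeName   AutoReboot: $([bool]$cc.AutoReboot)"
$report | Format-Table -AutoSize -Wrap
```
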
  7. Kaarme

    Kaarme Ancient Guru

    Oh, I don't know anything about this bug. I'm sure this is a real Windows bug. I was merely saying that I haven't personally ever seen a Win10 BSOD on my own PCs, and that my other problems were likely related to my own hardware and their drives.
     
  8. Fox2232

    Fox2232 Guest

    Unless it can force code execution, it is just a stupid joke. If I can plug a USB into your system, I can hold the power button on it too.
     
  9. reix2x

    reix2x Master Guru

    I would like to see if it affects Windows Server; I see some applications in a server room. It could be used as a form of sabotage.
     
  10. asturur

    asturur Maha Guru

    It's not a stupid joke, it's a stupid OS that crashes on broken disks. And this is inadmissible nowadays.
     

  11. David3k

    David3k Member Guru

    In this case, the crafted NTFS-crashing drive image can't occur under normal circumstances, but can be specifically crafted to intentionally force a BSOD and dump memory. You don't even need a USB stick to pull this off, and an entire attack can take place within userland without once elevating with UAC.

    Powering down a system is a hell of a lot more preferable to a BSOD where the dump can be easily taken for analysis. This isn't a broken disk issue, either, since a broken or corrupted NTFS partition can't take down the entire kernel but a valid (but malformed) one can.
     
  12. waltc3

    waltc3 Maha Guru

    I've seen a few GSOD's from Windows 10--yep, the actual green skin variety--and every single time it happened it was a result of me pushing an overclock too far. Notched back on the offending clock the appropriate number of MHz, and all is well--no more green SOD's. I've never seen one in recent memory, however, unless I caused it.

    Also, hackers all over the world vy for some Microsoft money awarded to them for "finding flaws." Microsoft gladly pays them for the ones it considers important and legitimate. So I find it somewhat amusing that these hackers get elevated to the grandiose title of "security researchers" whenever a hack is successful. There are lots and lots of hacks that can be accomplished in a machine in which a person has administrator access--especially direct physical access. But when they don't get "recognized" by Microsoft (i.e., there's no payday) many of them get "revenge" by publicizing their hacks to all comers. But the fact is that when you have administrator rights and direct physical access, you own the world where that machine is concerned, and at that point the entire OS becomes a "vulnerability." How do these hackers (and I don't say that disparagingly) expect Microsoft to engineer a defense against the gullibility of some people who respond favorably to phishing techniques? Not possible, imo.
     
  13. Killian38

    Killian38 Guest

    I tried to show Microsoft that a 12 gauge shotgun can destroy a laptop running Windows 10 and that my wife's MacBook was immune due to her "I'll kill you" stare. Microsoft didn't buy it. Now I have no laptop.
     
  14. David3k

    David3k Member Guru

    EDIT: also, I think you meant "vie" not "vy"
    In this case, this guy emailed Microsoft for a fix. I don't see him trying to cash in on this with the way he went about it. You shouldn't be defending Microsoft for something like this where they've had more than a decade to move the filesystem stack out of the kernel and into userspace memory but haven't done so and now have to face the consequences of that and their default memory dumping policy allowing for in-memory information being copied after a BSOD.

    Again, I hope you people aren't underestimating this and are more mindful of things like disk images being mounted, not just USB drives.

    It's really hard to steal data from a shattered laptop by running something.
     
  15. Killian38

    Killian38 Guest

    I don't stick stuff in my USB ports that do not belong in them. Nor do I allow someone else to do so. If you do allow that to happen, you might as well shoot your PC with a shotgun.
     
