New holy hell as any website or ad can now crash your Windows 7 machine

A new version of an old bug has just been discovered which can bring any Windows system earlier than Windows 10 to its knees, simply by loading a malformed URL, which of course may be found on a malicious website, in email or loaded by ads on otherwise safe websites.

The issue is due to how the NTFS driver deals with special file names, in this case, the $MFT name, which is one of the special metadata files used by Windows’ NTFS filesystem.

The file is normally hidden from users and most software, but it appears that if it forms part of a directory name (e.g. c:\$MFT\123) Windows will then lock the file and never release it,  making the file system inaccessible, potentially causing a bluescreen,  and forcing a reboot.

The issue can be caused locally, and unfortunately also remotely if $MFT is used as part of a URL.  Some browsers block the malformed URL, but it appears Internet Explorer is all too happy to surrender your machine.

Microsoft has been informed, but a patch has not been released yet.  As usual, the news underlines the imperative to keep your machine updated or else remain vulnerable to old issues which have been newly discovered.

Leave a Reply

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}