Recently, security researchers continued to discover a Windows 10 bug that could cause a user’s computer to crash. Specifically, if an attacker tricked into activating a special command, your Windows 10 computer will immediately get a blue screen (BSOD).
According to researcher Jonas Lykkegaard, bad guys can take advantage of this error to attack and sabotage information technology systems.
When developers want to interact directly with Windows devices, they can pass the namespace path to a Win32 device as an argument for various Windows programming functions. As a result, the application can interact directly with a physical disk without going through the file system.
Lykkegaard discovered a special Win32 device namespace path for the multiplex console driver. This path has encountered an error, so opening it in any way will cause the Windows 10 computer to crash. Even if the low-privileged user is activated, this path will work.
Here is the dangerous path that we are talking about:
\. globalroot device condrv kernelconnect
Warning: We have tested and confirmed this information is reputable. The path can be opened by command line control systems in Windows 10. It can also be activated by the browser and in a variety of ways. Although it only causes a blue screen and causes Windows 10 to restart, you should not try to enable this error either. We will not be responsible for any problems with your computer during the test.
In fact, developers using this path will have different extension attributes. Not having this path attribute causes blue screen error on Windows 10. Currently, this error affects Windows 10 version 1709 and later.
According to Lykkegaard, a bad guy can create a Windows URL file (.url) that is pointing to the path above. When downloaded, this file will display a URL icon and if run it will crash Windows 10. Even, BleepingComputer also said that this error has many exploits, including the method of causing the blue screen. automatically when logging in Windows 10.
Hackers can use this bug to conceal their tracks. With administrator rights, hackers will install the above path access command for all Windows 10 computers causing them to crash massively. This can interrupt investigation or prevent an administrator from detecting an attack on a particular computer.