Security researchers uncover a new blue screen of death vulnerability.

Less than a month has passed since an issue with a CrowdStrike update left millions of Windows machines struggling to break free from a blue screen of death loop, but now a new blue screen threat has been revealed. An August 12 report from cybersecurity software company Fortra has detailed how a newly uncovered Windows vulnerability can lead to yet another blue screen of death. What’s more, the researchers said, all versions of Windows 10 and Windows 11 are affected, even if all current security updates have been installed.

The security vulnerability, officially cataloged as CVE-2024-6768, concerns the Windows Common Log File System (CLFS) driver. When the driver performs improper validation of specified quantities within input data, CVE-2024-6768 triggers the KeBugCheckEx function and results in the dreaded blue screen of death, an outcome Windows users are only too familiar with following the recent CrowdStrike issues that produced the same end result. Although the ultimate payload of an exploit is pretty serious and requires no user interaction, the vulnerability is graded as medium risk because the attack vector is local rather than remote.

The CVE-2024-6768 blue screen of death can impact all versions of Windows 10 and Windows 11, as well as Windows Server 2022, regardless of whether they have been updated with all security patches to date. The researchers have shown that a user with no privileges can induce a system crash by using a specially crafted file.

“The potential problems include system instability and denial of service,” Ricardo Narvaja, principal exploit writer with security company Fortra, and the author of the report, said, “malicious users can exploit this vulnerability to repeatedly crash affected systems, disrupting operations and potentially causing data loss.”

The blue screen of death proof of concept exploit on a Windows 11 device

Tyler Reguly, Fortra’s associate director of security research and development, told me that Microsoft was first made aware of the issue in December 2023. However, the company “became unresponsive in February 2024,” Reguly said, adding that Microsoft stated it could not reproduce the vulnerability. This was despite, Reguly said, Fortra researchers having reproduced the results with a proof of concept across “dozens of systems both virtual and physical.” Due to the nature of the vulnerability, the researchers could identify no workaround or mitigation, and Reguly said, “We do not expect to see a fix from them.” Indeed, it would seem that the reason for publishing the vulnerability report today, at least in part, is the hope that Microsoft will see how easily the vulnerability can be exploited and “explore a fix moving forward.”

I have reached out to Microsoft for a statement.

Tyler Reguly mentioned that exploiting the vulnerability to cause a blue screen of death is unlikely in real-world scenarios due to its limited use cases and recoverable nature. However, he highlighted that it allows low-privileged users to reboot a system unexpectedly, impacting all users logged in at that moment. Reguly suggested, “This vulnerability might be used by malicious insiders who intend to disrupt a multi-user server or by attackers wishing to reboot a system without high-level privileges or traceable user-initiated logs.”

Reguly reassured the average Windows user that the issue shouldn’t be a significant concern. However, organizations should pay attention, especially since Microsoft has not shown urgency in patching this flaw. He expressed hope that “Microsoft recognizes this release and promptly issues an update to address the flaw.”

Microsoft has faced several challenges with blue screen errors recently, including the incident triggered by a CrowdStrike update that affected Windows users, although it was not caused by Microsoft itself. Moreover, a Microsoft security update in July 2024 caused some Windows devices to boot into BitLocker recovery, particularly affecting those with encryption enabled.
