Bitdefender researcher Marius Tivadar has developed a dodgy NTFS file system image that could trigger a blue-screen-of-death when a mount is attempted on Windows 7 and 10 systems.
The Bitdefender expert Marius Tivadar has discovered a vulnerability tied the way Microsoft handles of NTFS filesystem images, he also published a proof-of-concept code on GitHub that could be used to cause Blue Screen of Death within seconds on most Windows computers.
“One can generate blue-screen-of-death using a handcrafted NTFS image. This Denial of Service type of attack, can be driven from user mode, limited user account or Administrator. It can even crash the system if it is in locked state.” wrote Tivadar.
The PoC code includes a malformed NTFS image can be stored on a USB thumb drive. Once the user will insert the USB thumb drive in a Windows PC it will crash the system within a few seconds causing a Blue Screen of Death.
Tivadar highlighted that auto-play is activated by default and even disabling it the system will crash when the NTFS image is accessed.
The expert noticed that some security tools like Windows Defender scans the USB stick triggering the flaw.
Tivadar reported the NTFS issue to Microsoft in July 2017, but the tech giant did not recognize it as a security bug so the expert opted to disclose the flaw.
Microsoft pointed out that the exploitation of the issue requires either physical access, but Tivadar explained that an attacker could use a malware to exploit the PoC code.
Tivadar noticed that the NTFS bug also works while the PC is locked, this is an anomaly because there is no need to mount a USB stick/volume when the system is locked.
“Generally speaking, no driver should be loaded, no code should get executed when the system is locked and external peripherals are inserted into the machine.” the researcher explained.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.