Even "Locked" Microsoft Windows Computers Vulerable to BSOD Crash On USB Insertion

Code has been published which will induce an iconic "Blue Screen Of Death" crash on running Microsoft Windows installations (archived). The vulnerability lives in Window's handling of filesystems in Microsoft's own NTFS format, and can be triggered by inserting a USB drive with an exploit triggering NFTS filesystem into a running Windows computer, even if it is "locked" without any active users logged in.

While this particular trigger for the crash behavior appears to have been patched in recent Windows 10 builds, it likely lives on with a slightly more guarded trigger. It definitely lives on in an unknown number of surviving embedded Windows XP and Windows 7 installations.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>