Jump to content

Microsoft Says It Won’t Fix a Bug Causing BSODs on Windows 10


tao

Recommended Posts

A bug causing Windows machines to crash when a USB drive is inserted won’t get a patch from Microsoft, despite the issue said to be affecting all versions of the operating system, including the newly-launched April 2018 Update.

Microsoft Says It Won’t Fix a Bug Causing BSODs on Windows 10

Security researcher Marius Tivadar says in a post on GitHub that he first reported the problem to Microsoft in July 2017 after discovering that a USB drive running a handcrafted NTFS image can cause any system to crash even if locked.

“Microsoft was very responsive regarding my disclosure 1 year ago, but they didn’t issue a security patch,” Tivadar explains.

While the bug can only generate a BSOD on the target host, the security researcher describes it as a denial of service.

“Inserting a memory stick when a computer is in a locked state triggers the execution of a lot of OS code, such as mounting file systems. This could be dangerous if the file system is handcrafted and aimed at exploiting the OS. This behavior should be changed for any operating system,” he says.

No fix (just yet)

Microsoft, however, won’t issue a security fix for this bug, explaining in a private conversation with Tivadar that because the report requires “either physical access or social engineering” it can’t receive a CVE and get a patch.

The bug exists in all Windows versions, and the security researcher has managed to reproduce it in Windows XP, Windows 7 Enterprise, and various releases of Windows 10, including the April 2018 Update.

“Fortunately, this bug can generate a BSOD and nothing more. It cannot be weaponized. Still, in some scenarios, a blue-screen-of-death could be unacceptable,” the researcher explains.

Microsoft hasn’t offered a public statement on this bug, and it’s still not known whether a fix is on its way or not. We have reached out to the company for more information and will update the article when and if an answer is offered.

< Here >

Link to comment
Share on other sites


  • Replies 8
  • Views 1.8k
  • Created
  • Last Reply

M$ should release a patch,  it's their duty.

We buy their operating system(s) then they have a duty of care to deal with problems,  like if you purchase hardware like a car and it develops a fault then seller should fix it.

Windows 10 Pro has given me four (4) b.s.o.d. in past year, I got three (3) when typing via keyboard and it's a M$ keyboard.

Link to comment
Share on other sites


MS shouldn't be blamed here at all, because they are not competent enough to make a patch. :lol:

Link to comment
Share on other sites


Just updated my spare computer and it will now not boot up, starts booting and stays on blue screen with the message 'waiting' and it's been like that for 24hours.

Tried doing a repair from the install disk and failed, tried to do a system restore and failed, tried to repair MBR which showed as success but still no bootup. Seems I will have to delete the partition and start again so its a good job I can still access the hdd using using sergei's boot disk. I am running a genuine win 10 pro and this is the second time this has happened on the same p.c with a ms feature update.

Link to comment
Share on other sites


On 5/11/2018 at 9:18 AM, adi said:

“Inserting a memory stick when a computer is in a locked state triggers the execution of a lot of OS code, such as mounting file systems. This could be dangerous if the file system is handcrafted and aimed at exploiting the OS. This behavior should be changed for any operating system,” he say.

1

Disable AutoRun/AutoPlay is the fix.

Link to comment
Share on other sites


straycat19
On 5/11/2018 at 8:18 AM, adi said:

managed to reproduce it in Windows XP, Windows 7 Enterprise, and various releases of Windows 10

 

I have tried this on my Windows 7 Enterprise, Pro, and Ultimate systems and my Windows 8.1 systems, along with my lone Windows 10 Ockel Sirius Pro A and it doesn't work on any of them.  Probably because of my security settings.  Autorun/AutoPlay is not disabled on any of them.

Link to comment
Share on other sites


On 5/11/2018 at 8:58 AM, LeeSmithG said:

Windows 10 Pro has given me four (4) b.s.o.d. in past year

Only three?!!:o  Can I borrow your Lucky Charms? :wut:

Link to comment
Share on other sites


I don't what happen with Microsoft :( ... the f*ckin people in Twitter (Dona N1gga Sarkar, Jen Old-Gentleman, Steve Fat Ballmer) said the "this is the best Windows ever" :s 

 

That people are completely crazy, blind or evil ???

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...