After a security gap recently endangered the entire NTFS file system in Windows, a bug is now causing further trouble on windows 10 operating system. The effects of this are not quite as dramatic, but data can also be lost here. Said bug was also discovered by security researcher Jonas Lykkegard, who also tracked down the mentioned vulnerability in the file system. By simply entering the path “ \\. \ globalroot \ device \ condrv \ kernelconnect “, for example in the address bar of a browser, the entire system crashes and only shows a blue screen . If you believe the statements by Bleeping Computer, the bug can be exploited on Windows 10 versions 1709 up to 20H2.
Even if a system crash shouldn’t mean the end of the world for most computers, you should as always, be careful which link you click on or which file you run.
An official statement from Microsoft has not yet been issued. The company only announced that it would currently review the situation and publish a corresponding update if necessary.
The bug does not occur in Windows 7. If you follow the path shown here, you will only get the feedback that you have accessed an invalid path entry. So it shouldn’t take too long before Microsoft releases a corresponding update and also classifies the said path as invalid with Windows 10.
It is not yet known whether Jonas Lykkegard has discovered other weaknesses or security gaps. However, Microsoft seems to have largely ignored the security researcher so far. However, with the increased media presence of Lykkegard, this is likely to change. However, the case shows that Microsoft does not adequately check the contributions submitted by research.