You may remember the recent NTFS corruption bug in Windows that doesn't even require administrative privileges to be abused. There is a new bug in Windows 10. If you open a special path, the OS will crash and you will end up with the BSOD.
Windows allows developers to interact with devices directly, using a Win32 device namespace path as an argument to various Windows programming functions. Such an option allows apps to directly interact with a physical disk and omit the the file system abstraction layer.
The following Win32 device namespace path is for the 'console multiplexer driver'. It is is used for 'kernel / usermode ipc'.
\\.\globalroot\device\condrv\kernelconnect
When opening the path in various ways, even from low-privileged users, it would cause Windows 10 to crash.
Folks from BleepingComputer were able to reproduce this issue on Windows 10 version 1709 and later.
The worst thing about this issue is that it is very easy to exploit this bug. If a Windows URL file (.url) with an icon path set to \\.\globalroot\device\condrv\kernelconnect is stored in a folder, Windows 10 will try to render the URL file's icon once you open the folder, and it will automatically crash Windows 10 to cause a BSOD (bug check).
There is nothing good about this situation. We are looking forward for Microsoft to fix the bug.
The bug was first discovered by Windows security researcher Jonas Lykkegaard in October 2020.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
thanks master
guess who just crashed their pc trying to find out
who?
Is there a particular kb fix for this? I didn’t found one.