At the beginning of 2021, Microsoft encountered two dangerous errors affecting users. One is the above error NTFS partition causes hard drive to fail, and recently appeared an error with just 1 command Windows will appear blue screen of death.
Join the channel Telegram of the AnonyViet 👉 Link 👈 |
Destroy Windows with one simple command
A bug in Windows 10 causes the operating system to crash with a “Blue Screen of Death” (BSOD) simply by opening a link in the browser’s address bar or using other Windows commands.
In October 2020, Windows security researcher Jonas Lykkegaard posted on twitter several times about a link that can instantly cause Windows 10 to hang and display a BSOD when entered in the Chrome address bar.
Lykkegaard said he’s discovered it’s possible to change the path in the Win32 device namespace as an argument to Windows API calls to interact with Windows devices directly. This path allows direct access to the physical hard disk, bypassing the file system API functions. Opening the path in different ways, even from users without Admin rights, will still cause Windows 10 to crash.
Lykkegaard has discovered that if you try to connect to a path without passing the attribute due to improper error checking, it will throw an exception that causes a BSOD error in Windows 10.
Here is the path that causes Windows to crash:
\\.\globalroot\device\condrv\kernelconnect
AnonyVIet started Windows 10 20H2 (the latest version of Windows from Microsoft). Then, I launch the Google Chrome browser and enter the above link into the browser address bar. Immediately after pressing Enter to enforce the path, Windows 10 actually crashed with BlueScreen.
There are many ways to execute this command which causes Windows to fail, as the path can be entered in Explorerin the command prompt of CMD (e.g. when logging in) etc. This exploit does not depend on user privileges, it works even with normal User. I ran the test via Remote Desktop from Windows 7 to a Windows 10 20H2 virtual machine then Windows crashed.
Some users reflect, this error also appears in Windows Server 2019 and Windows 10 V1507 LTSC. Particularly for Windows 8.1 and Windows Server 2012 are not affected by this path error, so it does not cause Windows crashes.
Bad guys can abuse this bug to break your computer
While it’s not known yet whether this bug can be exploited for remote code execution or elevated privileges, in its current form it can be used as a denial of service attack on the Internet. calculator.
A Windows URL file (.url) or a shortcut with a path with settings pointing to \\.\globalroot\device\condrv\kernelconnect
easily cause Windows 10 to hang. When the file is downloaded, Windows 10 will try to display the icon (icon) of the file URL is the path pointing to the address above, Windows 10 will hang immediately.
Similar to the NTFS error on Windows 10, security experts have found many other ways to exploit this error, including methods that cause BSOD automatically when logging in to Windows.
In a real scenario, this bug could be abused by malicious people who have access to the network and want to cover their tracks during an attack.
If they have Admin credentials, a hacker can remotely execute a command to access this path on all Windows 10 devices on the network to crash the system.
In 2017, a similar attack scenario was used by Hackers in a bank heist belonging to Far Eastern International Bank (FEIB) in Taiwan. During that attack, Hacker deployed the Hermes ransomware on the network to disrupt investigations into this attack.