Another Win 10 0-day Windows 10 bug crashes your PC when you access this location

[Taitor]

A path would immediately cause Windows 10 to crash and display a BSOD when entered into the Chrome address bar.

When developers want to interact with Windows devices directly, they can pass a Win32 device namespace path as an argument to various Windows programming functions. For example, this allows an application to interact directly with a physical disk without going through the file system.

Lykkegaard told BleepingComputer that he discovered the following Win32 device namespace path for the 'console multiplexer driver' that he believes is used for 'kernel / usermode ipc.'  When opening the path in various ways, even from low-privileged users, it would cause Windows 10 to crash.

\\.\globalroot\device\condrv\kernelconnect

When connecting to this device, developers are expected to pass along the 'attach' extended attribute to communicate with the device properly.

Lykkegaard discovered if you try to connect to the path without passing the attribute due to improper error checking, it will cause an exception that causes a Blue Screen of Death (BSOD) crash in Windows 10.

Even worse, low privileged Windows users can attempt to connect to the device using this path, making it easy for any program executed on a computer to crash Windows 10.

In our tests, we have confirmed this bug to be present on Windows 10 version 1709 and later. BleepingComputer was unable to test it in earlier versions.

BleepingComputer reached out to Microsoft last week to learn if they knew of the bug already and if they would fix the bug.

“Microsoft has a customer commitment to investigate reported security issues and we will provide updates for impacted devices as soon as possible,” a Microsoft spokesperson told BleepingComputer.
Threat actors can abuse the bug

While it has not been determined if this bug could be exploited for remote code execution or elevation privilege, in its current form, it can be used as a denial of service attack on a computer.

Lykkegaard shared with BleepingComputer a Windows URL file (.url) with a setting pointing to \\.\globalroot\device\condrv\kernelconnect. When the file is downloaded, Windows 10 would try to render the URL file's icon from the problematic path and automatically crash Windows 10.

Quote

bleepingcomputer.com/news/security/windows-10-bug-crashes-your-pc-when-you-access-this-location/

 

[Progman]

Microsoft is struggling still to stabilize Win10.  These ridiculous bugs which are ridiculously simple should have easily been found in security audits.  They went into security mode some years back and stabilized WinXP and 7.  But it seems the feature team has a new generation of programmers who are somewhat careless.  Also the customer driven testing is not a reliable replacement for classic quality assurance.  Win10 is a great OS but it feels like there is too much rough on the edges like situations for what should be a mature stable build by now

[XOR0XA]

Microsoft is like an incredible collection of 0-day's.. Microsoft...

[Taitor]

39 minutes ago, XOR0XA said:

Microsoft is like an incredible collection of 0-day's.. Microsoft...

Yeah