Security Expert Announces PoC That Crashes All Recent Windows Versions
Security expert Marius Tivadar posted proof-of-concept (PoC) code on GitHub that can crash all versions of Windows, even if the Windows computer is locked. The code exploits a vulnerability in Microsoft’s handling of NTFS images. His PoC includes a malformed NTFS image that can be placed on a USB flash drive. After the drive is plugged into the computer, the system will crash within a few seconds.
According to Tivadar, the reason is that Windows automatically reads the contents of the USB disk by default. “Even with auto-play [is] disabled, [the] system will crash when the file is accessed. This can be done for [example,] when Windows Defender scans the USB stick, or any other tool opening it.”
When the system is locked, a blue screen of death can also be triggered. Tivadar thinks that Microsoft should change this approach because the system should not read any USB disk that is plugged into the computer when locked.