Dive Brief:
- A vulnerability in the Common Log File System (CLFS) of Microsoft Windows can cause a blue screen of death, affecting all versions of Windows 10 and Windows 11, researchers from Fortra said Monday.
- The vulnerability, tracked as CVE-2024-6768, is caused by improper validation of specified quantities of input data, according to a report by Fortra. The flaw can leave the log in an unrecoverable inconsistent state, at which point the kernel function KeBugCheckEx is called and the system halts with a blue screen.
- An attacker can exploit the flaw to trigger repeated crashes, disrupting system operations and potentially causing data loss, according to Fortra.
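The impact Fortra describes is a local denial of service: a host that keeps crashing. The following is an added example, not code from Fortra's report or from Microsoft, showing how an administrator can check a Windows host for repeated kernel bugchecks from the System event log. It assumes the standard event sources: BugCheck events (Event ID 1001, provider Microsoft-Windows-WER-SystemErrorReporting) and unexpected-reboot events (Event ID 41, provider Microsoft-Windows-Kernel-Power). It identifies the symptom, not the cause; the 1001 message carries the stop code and parameters but does not name CVE-2024-6768 or the driver involved.

```powershell
# Added example (not from Fortra's report or Microsoft): count kernel bugchecks
# recorded in the System event log and flag hosts that are crashing repeatedly.
# Assumptions: the standard Windows providers listed below, and that the script
# runs with permission to read the System log (typically as an administrator).

function Get-RecentBugChecks {
    [CmdletBinding()]
    param(
        [int]$Hours = 24,      # look-back window
        [int]$Threshold = 3    # bugchecks within the window that count as "repeated"
    )

    $since = (Get-Date).AddHours(-$Hours)

    # Event 1001 is written after the reboot and carries the stop code and
    # parameters in its message text. Get-WinEvent returns newest first and
    # raises a non-terminating error when nothing matches, hence SilentlyContinue.
    $bugChecks = @(Get-WinEvent -FilterHashtable @{
        LogName      = 'System'
        ProviderName = 'Microsoft-Windows-WER-SystemErrorReporting'
        Id           = 1001
        StartTime    = $since
    } -ErrorAction SilentlyContinue)

    # Event 41 records a reboot that did not follow a clean shutdown. It is a
    # looser signal (power loss also produces it) but survives cases where crash
    # reporting did not write a 1001 event.
    $dirtyReboots = @(Get-WinEvent -FilterHashtable @{
        LogName      = 'System'
        ProviderName = 'Microsoft-Windows-Kernel-Power'
        Id           = 41
        StartTime    = $since
    } -ErrorAction SilentlyContinue)

    # Pull the stop code out of each 1001 message, e.g. "The bugcheck was: 0x0000007e (...)".
    $codes = foreach ($e in $bugChecks) {
        if ($e.Message -match 'bugcheck was:\s*(0x[0-9A-Fa-f]+)') { $Matches[1] } else { 'unknown' }
    }
    $codeSummary = ($codes | Group-Object | ForEach-Object { "$($_.Name) x$($_.Count)" }) -join ', '

    $last = $null
    if ($bugChecks.Count -gt 0) { $last = $bugChecks[0].TimeCreated }

    [pscustomobject]@{
        ComputerName    = $env:COMPUTERNAME
        WindowHours     = $Hours
        BugCheckCount   = $bugChecks.Count
        DirtyReboots    = $dirtyReboots.Count
        StopCodes       = $codeSummary
        LastBugCheck    = $last
        RepeatedCrashes = ($bugChecks.Count -ge $Threshold)
    }
}

# Usage: flag a host with three or more bugchecks in the past day.
Get-RecentBugChecks -Hours 24 -Threshold 3 | Format-List
```

On a fleet, run the function through remoting and alert on RepeatedCrashes; a single bugcheck is routine, while the same stop code recurring several times a day on one host is the pattern a crash-loop attack would leave. Since the technique Microsoft describes requires the attacker to already run code on the machine, the natural follow-up is to correlate the crash times with process-creation events on that host.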
Dive Insight:
Fortra originally reported the vulnerability to Microsoft in December, along with a proof-of-concept exploit, according to a timeline provided by Fortra. Microsoft told Fortra on two separate occasions that its engineers could not reproduce the vulnerability, according to the timeline.
“Microsoft told us that they could not reproduce the issue and closed the case,” Tyler Reguly, associate director of security research at Fortra, said via email.
Microsoft, however, said the research shared with it does not rise to the level of a security issue requiring an immediate fix.
“We have reviewed this report and have found that it does not meet the bar for immediate servicing under our severity classification guidelines and we will consider it for a future product update,” a Microsoft spokesperson said via email. “The technique described requires an attacker to have already gained code execution capabilities on the target machine and it does not grant elevated permissions.”
Microsoft said customers should practice good computing habits, which include exercising caution when running programs they do not recognize.
The vulnerability disclosure comes less than a month after Microsoft was involved in one of the biggest global IT outages in history. A flawed software update in the CrowdStrike Falcon platform led to an outage July 19 involving about 8.5 million Windows devices.
Critical providers, ranging from airlines to hospitals and financial institutions across the globe, were impacted when they temporarily faced similar blue screens on their Windows computers.
There is no indication the vulnerability identified by Fortra played a role in the outage related to the CrowdStrike update.
In late July, Microsoft also dealt with a separate DDoS attack that impacted Azure and Microsoft 365 services.
Editor’s note: This story has been updated to include additional details from Fortra and a statement from Microsoft.