News

Four-Character String Can Easily Crash Windows 7 and 8.1

Older Windows versions are not having a good time. First, the WannaCry ransomware infected Windows XP, 7, and 8.1 systems across the globe earlier this month. Now, a Russian programmer has discovered a simple NTFS bug capable of crashing Windows 7 and 8.1 using a four-character string.

Master File Table Bug

The programmer, known only as Anatolymik, posted his findings to his blog this week. He discovered that a bad filename can freeze, crash, or  BSOD a Windows 7 or 8.1 system. The fault is not present in Windows 10.

As Bleeping Computer’s Catalin Cimpanu explains:

“The problem is with the $MFT file, which is the Master File Table, a file found on all NTFS volumes. This file is the most important file on a disk partition, as it tracks of all files on the volume, their physical location on the hard, their logical location inside folders, and all sorts of file metadata.

Users cannot open this file, for obvious reasons, as they could accidentally ruin their entire data.

While working a file filtering system, Anatolymik discovered that if he used the $MFT file name as a directory name — as C:\$MFT\foo  — the local Windows installation would hang or sometimes crash. When the system hang, the only way to regain access to the PC was by resetting it.”

Weaponised in Browsers

Further research has demonstrated that the bug can be deployed via Firefox and Internet Explorer. However, Chrome is immune to the exploit.

Cimpanu reports:

“According to users that have tested the bug and commented on Anatolymik’s blog post, Chrome will refuse to load images with malformed paths, such as the $MFT exploit.

Nonetheless, Bleeping Computer confirmed that the $MFT bug causes a Windows 7 installation to hang via Internet Explorer and Firefox.

This NTFS $MFT bug is very similar to another file path bug from the 90s when you could prank your friends with the “C:/con/con” bug that crashed Windows 95 and Windows 98 systems. Below is a demo video for the ancient “C:/con/con” bug.”

Fix Incoming?

No fix for the issue currently exists. According to Ars Technica, Microsoft has been informed about the matter but has not revealed if and when it intends to issue a patch.

Ashley Allen

Disqus Comments Loading...

Recent Posts

SK Hynix Begins Production of First 321-Layer NAND Chips

SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…

11 mins ago

Trust Gaming GXT 609 Zoxa 2.0 PC Speakers

SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…

4 hours ago

PowerA Wired Controller for Nintendo Switch

Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…

4 hours ago

Logitech G Saitek PRO Flight Rudder Pedals

Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…

4 hours ago

Logitech G Saitek Farm Sim Controller

Heavy Equipment Bundle: Includes a steering wheel for heavy machinery, gas and brake pedals, and…

5 hours ago

Razer Ornata V3 X – Low Profile Gaming Keyboard

Low-profile Keys for an ergonomic gaming experience. With slimmer keycaps and shorter switches, enjoy natural…

5 hours ago