USB code causes BSOD even on locked PCs

We have written before about the dangers of plugging in a USB stick found on the street. It may contain malicious programs that target your online accounts. Bitdefender security researcher Marius Tivadar underlined the importance of this issue with proof-of-concept code (via CSO Online).

When an unknown USB stick containing this code is plugged into a computer, it can trigger the well-known Blue Screen of Death (BSOD) on Microsoft Windows operating systems. The flaw it exploits lies in how Windows handles NTFS images.

On his GitHub page, Tivadar describes how a BSOD can be caused using an "NTFS hand-made image". This denial of service can be triggered from user mode, by a limited user account or by an administrator. "It may cause the system to collapse even if it is locked."

Windows versions affected by this attack include (but are not limited to):

  • Windows 7 Enterprise 6.1.7601 SP1, Build 7601 x64
  • Windows 10 Pro 10.0.15063, Build 15063 x64
  • Windows 10 Enterprise Evaluation Insider Preview 10.0.16215, Build 16215 x64

The GitHub page also describes how the NTFS image is prepared. When the attack is launched, auto-play is triggered and the system crashes automatically.

If auto-play is triggered, the attack can also take place while the system is locked. Tivadar believes this behavior should be discouraged.

The researcher informed Microsoft about the issue, but the company neither assigned a Common Vulnerabilities and Exposures (CVE) identifier nor published an official patch. However, the company fixed the issue at some point without informing Tivadar. As a result, the BSOD attack is no longer possible on the more recent Windows 10 Build 16299.
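
The two conditions described above (auto-play acting on an inserted removable drive, and a build older than 16299) can be audited on a host. The PowerShell below is an added example, not code from the article or from Tivadar's GitHub page; it assumes that builds at or above 16299 carry the fix and reads the standard `NoDriveTypeAutoRun` and `DisableAutoplay` registry values. The function names are hypothetical.

```powershell
# Added example: report whether this host matches the conditions in the article.
# Assumption: builds >= 16299 contain the silent fix the article mentions.
$FixedBuild = 16299

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (the Windows default applies).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

function Test-AutoPlayExposure {
    $build  = [System.Environment]::OSVersion.Version.Build
    $polKey = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'

    # Policy value: a bitmask of drive types for which AutoPlay is turned off.
    $machinePolicy = Get-RegValue "HKLM:\$polKey" 'NoDriveTypeAutoRun'
    $userPolicy    = Get-RegValue "HKCU:\$polKey" 'NoDriveTypeAutoRun'
    # Per-user toggle from the Settings app (1 = AutoPlay off for all media).
    $userToggle    = Get-RegValue `
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers' `
        'DisableAutoplay'

    # Bit 0x04 covers removable drives such as USB sticks; 0xFF covers every type.
    $removableBit = 0x04
    $autoPlayOff  = (($machinePolicy -band $removableBit) -ne 0) -or
                    (($userPolicy    -band $removableBit) -ne 0) -or
                    ($userToggle -eq 1)

    [pscustomobject]@{
        Build                     = $build
        BuildAtOrAboveFix         = ($build -ge $FixedBuild)
        AutoPlayOffForRemovable   = $autoPlayOff
        MachinePolicyValue        = $machinePolicy
        UserPolicyValue           = $userPolicy
        # Flag hosts that are both below the fixed build and still auto-play USB media.
        NeedsAttention            = ($build -lt $FixedBuild) -and (-not $autoPlayOff)
    }
}

Test-AutoPlayExposure | Format-List
```

The script only reads settings. The article names auto-play as the trigger on locked systems but does not state that turning it off is a complete fix, so hosts below build 16299 should be updated regardless of what it reports.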


The author allows this text to be copied only if the source (SecNews.gr) is credited with a live URL to the article.