nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

Microsoft Master File Table bug exploited to BSOD Windows 7, 8.1

The 1990s called: they want their filepath hack back

By Richard Chirgwin, 29 May 2017

Until Microsoft patches this problem, use Chrome: a slip in file-path handling allows attacker to crash Windows 7 and Windows 8.1 with a file call.

The bug's triggered if Windows' Master File Table is included in a directory path – for example, if the attacker included $MFT as a link to an image in a Website.

“Anatolymik” of Alladin Information Security in Russia lays claim to the discovery here (in Russian).

$MFT is supposed to be protected from user-access, for good reason: every file on an NTFS volume has a reference in the MFT.

What the researchers discovered is that if you try to access a file like c:\$MFT\foo, the NTFS (NT file system) locks $MFT and doesn't release it: “it will be captured forever,” the post states. “Therefore, for example, when trying to create a file or read the volume of files, NTFS attempts to seize ERESOURCE $ mft file and will hang at this stage forever.”

As Bleeping Computer notes, Chrome users can't be remotely attacked, because it recognises and blocks images with malformed paths. Both Internet Explorer and Firefox, however, are vulnerable. ®

The Register - Independent news and views for the tech community. Part of Situation Publishing