Latest in Gear

Image credit: Reuters

Windows metadata bug has been waiting to cripple older machines (updated)

Remember the blue screen of death? It's kind of like that.
796 Shares
Share
Tweet
Share
Save

Sponsored Links

Reuters

If you're still using Windows 7 or Windows 8, there's another security issue you need to be aware of aside from Wannacry. This one won't hold your computer ransom for bitcoin, though. Actually, it might be more annoying than it is dangerous. Researchers from Aladdin RD, an information security company, recently discovered (translated) that a bad image call embedded into a website can bring older computers to a grinding halt. In this case, it's filename "$mft."

As Ars Technica points out, it's a metadata file that exists in the root directory of the OS' NTFS file system. When something tries using it, like a malicious website accessed through Internet Explorer in this case, the NTFS driver never releases its lock on the file. This in turn blocks other legitimate processes from accessing the file system.

From here, every program trying to access any type of file will start to hang and you can see where this is going. Now, this type of vulnerability isn't new (older versions of Windows had similar responses calls for c:\con\con), and neither is the fix. Simply reboot your machine and you should be good to go.

Microsoft is aware of the problem, but isn't going to fix the bug in Windows Vista. Considering that Redmond is still supporting Windows 7 and Windows 8 there may be a patch coming, though. We've reached out for more information and will update this post should it arrive.

Update: A Microsoft spokesperson told Engadget that the company is looking into the matter and will give an update as soon as it can.

"Our engineers are currently reviewing the information. Microsoft has a customer commitment to investigate reported security issues and provide updates as soon as possible."

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr