This NTFS Bug Could Allow Websites To Crash Any Windows 8.1, 7 PC
It’s not been the best of weeks for Microsoft, and if you are reading this, we find it highly unlikely that you will not be acutely aware of the WannaCry ransomeware that took the planet by storm not so long ago.
Now, Microsoft is having to deal with a whole new threat, although this one is nowhere near WannaCry in pervasiveness or, importantly, impact. As ArsTechnica reports, the latest problem to crop up for those running particular versions of Windows could see their computer grind to a halt and perhaps even throw the infamous Blue Screen of Death thanks to something as simple as malicious code on a website.
The problem comes when a website attempts to load a file that is stored locally on the computer in question – in particular, anything with a path that includes $MFT. As soon as something is loaded from a path with those four characters, Windows Vista, Windows 7 and Windows 8.1 computers get themselves all hot under the collar and eventually stop responding, with a restart the only recourse available. In some cases, that BSOD rears its ugly head, too.
The new bug, which fortunately doesn’t appear to afflict Windows 10, uses another special filename. This time around, the special filename of choice is $MFT. $MFT is the name given to one of the special metadata files that are used by Windows’ NTFS filesystem. The file exists in the root directory of each NTFS volume, but the NTFS driver handles it in special ways, and it’s hidden from view and inaccessible to most software. Attempts to open the file are normally blocked, but in a move reminiscent of [a similar] Windows 9x flaw, if the filename is used as if it were a directory name—for example, trying to open the file c:\$MFT\123—then the NTFS driver takes out a lock on the file and never releases it. Every subsequent operation sits around waiting for the lock to be released. Forever.
This explanation goes some way to clarifying why impacted computers simply fail to respond, usually requiring a restart. When they try to access the file with the special path, they simply can’t. That doesn’t stop them from trying though, and all other requests for files queue behind that initial, futile request. The end result here is a computer that fails to function until the blockage is cleared, which, inevitably, requires a restart.
It would appear that this flaw was first noticed around a week ago, and while Microsoft is aware of the problem, there is no indication as yet as to when a bug fix will appear. Windows Vista users in particular may be out of luck, with the software officially out of support.