A new bug is founded in Windows 10 that leads the Blue Screen of Death by simply opening a certain path in the web browser or other Windows commands.

Last week, we disclosed another Windows bug that was activated by entering a single line code, once executed it will corrupt your NTFS volume or your hard drive that also prevents your Windows from starting, ultimately this bug was resolved by chkdsk.

But, today we have found another bug that causes BSOD while opening an unusual path. Now read the upcoming section to know about this in detail.

Whence this Bug Originates BSOD?

In October 2020, Windows security expert Jonas Lykkegaard has reported this bug that causes a BSOD crash, as it enters into the Chrome address bar.

Whereas the developers directly deal with Windows devices, as they can pass the Win32 device name-space path as the argument to Windows programming functions. This code allows the applications of Windows to interact with the physical disk without getting the permissions through the file system.

The security researcher also discovered that the Win32 device path that used kernel or user-mode ipc. If you open this path, it will lead you to a Windows crash

\\.\globalroot\device\condrv\kernelconnect

While connecting with devices the developers have to pass the attribute to establish the communication with the device properly.

The researcher also discovered that if you will try to connect the path without the attribute will cause an improper error while checking it. This entire process will be caused by an exception that results in a Blue Screen of Death crash in Windows 10.

This bug may get worse if the users are attempting to connect with the device using this path, it makes it easier for the program to execute it on a system and crash the Windows.

Whereas “Microsoft told that their customer service commitment that used to investigate the reported security issues that will assist through the updates to recover the infected devices asap”.

Impact of BSOD Bug

In case this bug is executed remotely to get the privilege that it can be used as DOS while attacking a system. The researcher also shared the URL file that sets the point towards \\.\globalroot\device\condrv\kernelconnect. If the file is executed into the system then it will try to render the URL file’s icon and automatically crashes Windows.

Many security experts find other ways to execute this bug that cause the Blue Screen to Death automatically on logging into Windows.

According to the experts, this bug is used by the threat actors who have access to the network and who want to cover them by this attack.

If the threat actors have administrator credentials then they will execute this bug remotely and they will access this path on the Windows 10 devices on a network that causes BSOD.

In 2017, a similar type of attack was conducted by the hackers through the Far Eastern International Bank located in Taiwan, The attackers used to deployed the Hermes ransomware to the network to delay the bank investigation. The attackers used the administrator control and delay the investigation on a particular system.