Zen Managed ServicesZen Managed ServicesZen Managed ServicesZen Managed Services
  • Services
    • Domain Names
    • Managed Cyber Security
    • Hosting
      • Managed WordPress Hosting
      • ColdFusion Hosting
      • Lucee Hosting
      • SmarterMail Hosting
    • Migration Services
    • Managed WordPress
    • Email Filtering & Archiving
    • Acronis Cloud Backup
    • Secure VPN
  • Support
    • Open Ticket
    • Knowledgebase
    • News/Announcements
  • BLOG
  • Contact
  • Clients
    • Client Area
    • Hosting Control Panel
    • RMM Dashboard

Microsoft Master File Table bug exploited to BSOD Windows 7, 8.1

    Home Security Microsoft Master File Table bug exploited to BSOD Windows 7, 8.1
    NextPrevious

    Microsoft Master File Table bug exploited to BSOD Windows 7, 8.1

    By russmichaels | Security | 0 comment | 30 May, 2017 | 0

    Until Microsoft patches this problem, use Chrome: a slip in file path handling allows an attacker to crash Windows 7 and Windows 8.1 with a simple file call.

    The bug is triggered if Windows’ Master File Table is included in a directory path – for example, if the attacker included $MFT as a link to an image in a Website.

    “Anatolymik” of Alladin Information Security in Russia lays claim to the discovery here (in Russian).

    $MFT is supposed to be protected from user access, for good reason: every file on an NTFS volume has a reference in the MFT.

    What the researchers discovered is that if you try to access a file like c:\$MFT\foo, the NTFS (NT file system) locks $MFT and doesn’t release it: “it will be captured forever,” the post states. “Therefore, for example, when trying to create a file or read the volume of files, NTFS attempts to seize ERESOURCE $ mft file and will hang at this stage forever.”

    As Bleeping Computer notes, Chrome users can’t be remotely attacked, because it recognises and blocks images with malformed paths. Both Internet Explorer and Firefox, however, are vulnerable. ®

    No tags.
    Avatar

    russmichaels

    More posts by russmichaels

    Related Post

    • 54% of UK companies hit by ransomware attacks

      By russmichaels | 0 comment

      All experts agree that ransomware is unpredictable, hard if not impossible to prevent, and is currently showing no signs of slowing. Businesses are facing numerous challenges from this evolving, dangerous threat, with Andy Buchanan fromRead more

    • The business of cybercrime

      By russmichaels | 0 comment

      Think of a cyber criminal and what do you see? For many of us the answer is an obsessive loner, working from ‘criminal headquarters’ that are nothing more than a cramped bedsit. While that imageRead more

    • Cybercriminals are now stealing off each other

      By russmichaels | 0 comment

      The cost of ransomware attacks: $1 billion this year And it’s only the beginning, with file locking malware only set to grow and take larger role in cybercrime, warn researchers. Read More Contact ZenMSP todayRead more

    • Is your hosting provider secure?

      By russmichaels | 0 comment

      In the past month, WordFence forensic analysts ran into two situations where they saw a significant number of site cleaning customers, all from the same hosting companies, all with the same malware. In both cases theRead more

    • Microsoft announces end of life (EOL) on Windows Vista

      By russmichaels | 0 comment

      What Does This Mean? As of today Windows Vista has now reached the end of its product support lifecycle after completing five successful years. In other words, Microsoft will no longer be supporting Windows Vista, andRead more

    • New malware targets governments

      By russmichaels | 0 comment

      New malware uses password recovery and backup tools to steal data A new type of attacks targeting government agencies uses readily available software such as password recovery and backup tools to infect victim organizations andRead more

    • Massive GoldenEye / Petya ransomware attack is currently unfolding worldwide.

      By russmichaels | 0 comment

        Another month, another global ransomware attack. Just as it seemed that the threat of WannaCry has dissipated, organisations around the world are finding themselves under siege from a new threat. Bitdefender has identified aRead more

    • ALERT: Your SSL may need re-issuing

      By russmichaels | 0 comment

      Since March 2017, Google and Symantec have been involved in a dispute over Symantec’s validation process for SSL certificates (read more here). Google has announced a solution that will have an immediate impact on youRead more

    NextPrevious

    Categories

    • News
    • Products & Services
    • Security
    • Tutorials
    • Uncategorized

    Recent Posts

    • New Gmail security features to protect you from phishing and ransomware
    • Updates to our Cybersecurity solution
    • DON’T MISS OUT! – Last chance to claim your .uk domain name
    • How to make your Website GDPR compliant
    • How to Create a Privacy Policy for Your Website

    Recent Comments

      Archives

      • June 2019
      • April 2018
      • March 2018
      • November 2017
      • September 2017
      • August 2017
      • July 2017
      • June 2017
      • May 2017
      • April 2017
      • March 2017
      • February 2017
        Legal Documents
      • Hosting Master Service Agreement
      • Terms & Conditions
      • Privacy Policy
      • Services
        • Domain Names
        • Managed Cyber Security
        • Hosting
          • Managed WordPress Hosting
          • ColdFusion Hosting
          • Lucee Hosting
          • SmarterMail Hosting
        • Migration Services
        • Managed WordPress
        • Email Filtering & Archiving
        • Acronis Cloud Backup
        • Secure VPN
      • Support
        • Open Ticket
        • Knowledgebase
        • News/Announcements
      • BLOG
      • Contact
      • Clients
        • Client Area
        • Hosting Control Panel
        • RMM Dashboard
      Zen Managed Services