Malta researchers find Windows bug that crashes PCs

Share this article:

Researchers at a software company in Malta say they have discovered a decade-old Windows vulnerability that can cause a system to instantly crash and display the so-called blue screen of death.

The denial-of-service condition can result if a user is tricked into running an application that contains the malicious code, Paul Gafa, CTO of 2X Software, told SCMagazineUS.com on Wednesday.

"You can be the least privileged user on the system and still crash it," he said. "I believe it is very easy for Microsoft to sort it out. They just need to validate arguments passed to Windows APIs (application programming interfaces)."

The vulnerability, which Gafa and his team discovered while writing a software testing application, is present in all versions of the Microsoft operating system dating back to Windows 2000, Gafa added.

A Microsoft representative said the company was aware of the bug but downplayed the risk.

"Our initial assessment of the report is that malicious code would have to already be running or a user would have to be able to run a specially crafted application to cause the system to crash," a company spokesperson told SCMagazineUS.com on Wednesday in an email. "In either case, the system has already been compromised or the user has rights to logon to the system."

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.