A short time ago, millions of Windows PCs were knocked offline by a major outage linked to CrowdStrike. The mishap, caused by a faulty content update to CrowdStrike's Falcon sensor, severely disrupted numerous businesses and led Delta Air Lines to pursue financial compensation.
Now Fortra has disclosed a new vulnerability, tracked as CVE-2024-6768, that can cause similar symptoms on a wide range of Windows systems. Like the CrowdStrike incident, the flaw triggers the dreaded blue screen of death (BSOD) on Windows 10, Windows 11 and Windows Server 2022, including systems that are fully up to date. The difference is in how it is reached: CrowdStrike's crash was pushed to machines by a vendor update, whereas this one is set off deliberately by a user who already has an account on the target.
The blue screen of death (BSOD) is the error screen Windows shows when the kernel hits a condition it cannot safely recover from, formally a bugcheck: the system halts, writes a memory dump if it can, and restarts. BSODs are commonly caused by hardware faults, buggy drivers or conflicting software, and the halt is deliberate, since continuing to run in a corrupted state would risk damaging data on disk.
In its August 12, 2024 report, Fortra explains that the vulnerability is an input validation flaw in the Common Log File System driver, clfs.sys, which parses .BLF (Base Log File) files. By setting specific values inside a crafted BLF file, an attacker can make the driver hit an unrecoverable condition and bugcheck, and because the trigger does not require administrative rights, a non-admin user can crash the system repeatedly. The result is denial of service and potential loss of unsaved data. The flaw requires local access to the machine (an unprivileged local account is enough; it is not exploitable remotely over the network), so the realistic risk is to shared systems such as terminal servers, lab machines and multi-user workstations.
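A repeated, user-triggered bugcheck like the one described above leaves a clear trail in the System event log long before anyone has identified the cause. The following PowerShell is an added example for defenders, not code from Fortra's report or from the article: it summarises bugcheck events recorded after each reboot (Event ID 1001 from the Microsoft-Windows-WER-SystemErrorReporting provider) over a time window and flags hosts that crash more often than an assumed threshold. The window and threshold values are arbitrary assumptions; tune them for your fleet.

```powershell
# Added example (not from Fortra or the article): summarise recent kernel
# bugchecks so a host that keeps crashing stands out.
# After a reboot from a bugcheck, Windows logs Event ID 1001 in the System log
# with the message "The computer has rebooted from a bugcheck. The bugcheck was:
# 0x000000XX (param1, param2, param3, param4)".
param(
    [int]$Days = 7,       # assumed look-back window
    [int]$Threshold = 3   # assumed: this many bugchecks in the window is suspicious
)

$since = (Get-Date).AddDays(-$Days)

$bugchecks = @(Get-WinEvent -FilterHashtable @{
    LogName      = 'System'
    ProviderName = 'Microsoft-Windows-WER-SystemErrorReporting'
    Id           = 1001
    StartTime    = $since
} -ErrorAction SilentlyContinue)

if ($bugchecks.Count -eq 0) {
    Write-Output "No bugcheck events in the last $Days day(s)."
    return
}

# Extract the stop code from the message text; fall back to 'unknown' if the
# message format differs (e.g. localised builds).
$summary = foreach ($evt in $bugchecks) {
    $code = 'unknown'
    if ($evt.Message -match 'bugcheck was:\s*(0x[0-9a-fA-F]{8})') {
        $code = $Matches[1]
    }
    [pscustomobject]@{
        Time     = $evt.TimeCreated
        StopCode = $code
    }
}

# Chronological list of crashes, then a count per stop code. The same stop code
# recurring many times on one host is the pattern to look for.
$summary | Sort-Object Time | Format-Table -AutoSize
$summary | Group-Object StopCode | Sort-Object Count -Descending |
    Select-Object @{Name='StopCode';Expression={$_.Name}}, Count | Format-Table -AutoSize

if ($bugchecks.Count -ge $Threshold) {
    Write-Warning ("{0} bugchecks in the last {1} day(s) (threshold {2}); " +
                   "check which user sessions were active at each crash time.") -f
                   $bugchecks.Count, $Days, $Threshold
}
```

Run it in an elevated PowerShell session on the host in question, or wrap the Get-WinEvent call with -ComputerName to query remotely. Once a crash cluster is confirmed, the crash times can be lined up against logon events (Security log, Event ID 4624) to see which account was active each time, and the memory dump written at the crash can be opened in WinDbg to confirm the faulting driver.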
Fortra first reported CVE-2024-6768 to Microsoft on December 20, 2023, together with a proof of concept. Microsoft said it could not reproduce the issue and closed the case in February 2024. Fortra continued to press the matter and supplied additional evidence, but Microsoft took no further action.
After confirming that the crash still reproduced on systems carrying the latest updates, Fortra publicly disclosed the vulnerability on August 12, 2024. At the time of disclosure no fix was available, so the exposure is mitigated only by limiting who can log on to affected machines and by watching for repeated bugchecks.