TechRadar
Sead Fadilpašić

The ultimate BSOD — this Windows driver security flaw could crash your whole system, and Microsoft is still yet to fix it

Cybersecurity researchers have found a new vulnerability in Windows that allows threat actors to completely brick devices and cause serious data loss.

In a newly published security advisory, experts from Fortra said they discovered an improper input data validation vulnerability in the Common Log File System (CLFS.sys) Windows driver. By creating a new value in a specific log file format (for example, a .BLF file), crooks could force the system into a Blue Screen of Death (BSOD) crash.

Both Windows 10 and Windows 11 operating systems (all versions) are susceptible, and the vulnerability was said to be easy to exploit, even with low privileges. Furthermore, it requires no interaction on the victim’s side.

Proof of Concept

The vulnerability is tracked as CVE-2024-6768, and carries a severity score of 6.8 (medium). Even though this score might indicate low disruptive potential, Fortra’s researchers said the flaw could render systems unstable, and even facilitate Denial of Service (DoS) attacks. Threat actors could use it to repeatedly crash vulnerable systems. 

There is currently no evidence of the vulnerability being exploited in the wild. However, with Fortra releasing a Proof-of-Concept (PoC) together with the security advisory, it’s now just a matter of time before cybercriminals add it to their arsenal. Since the attack vector is local, crooks looking to abuse it need to run it on the system itself. However, it can be run with low privileges, making it available even for beginner attackers. 

Fortra’s advisory also suggests that Microsoft is yet to address the issue. The company said that Redmond tried, on two occasions, to reproduce the issue, and since it failed (last time it tried was in late February 2024) it closed the case. That would also mean that even the latest versions of Windows (both Windows 10 and Windows 11) were vulnerable.
