A few days ago we told you about a new bug in Windows 10 that could corrupt your hard drive just by seeing an icon. And now, the same researcher who discovered it has drawn attention to another strange problem with the system.
It is a path or link that can cause the system to hang and display a blue screen of death just by entering it in the URL bar of Chrome, another similar browser, or through Windows commands.
WINDOWS 10: 9 VERY USEFUL and LITTLE KNOWN TRICKS
A bug that can be exploited to perform a DoS attack
Now that is definitely huge, putting that in a shortcut path leads to an instant crash, even as an unprivileged user pic.twitter.com/ql34094kpM
– Andrew (@endermanch) January 19, 2021
Jonas Lykkegaard told BleepingComputer that trying to open a path to one of the Win32 device namespaces for a controller in various ways, even as a non-privileged user, causes the system to hang.
The path in question is
.globalrootdevicecondrvkernelconnect and if we enter it in the browser, it will try to access the internal Windows file system and will hang in the process showing the BSOD.
The detail is that this path must contain an additional element to be able to connect to the device to which it seeks to connect, but since the command is executed from a browser, the system does not verify the error, Windows is confused and this causes the blue screen of the death.
Although in some cases the problem does not seem to have more effects than those, some have tried more than once and their systems have been stuck in the screen that tries to repair the Windows startup after restarting, so use it at your own risk if you are too boring.
The main problem with a bug like this is that can be exploited by third parties to perform a DoS attack on a system. Basically via a Windows URL file with a setting that points to the path in question. If the file is downloaded, Windows 10 will try to get the .URL file icon from the problematic path and automatically hang the system.