4 Characters In A Website's Code Can Crash Windows 7 And Windows 8 Computers: Is There A Fix?
A new bug has been discovered for computers running on Windows 7, Windows 8, and the out-of-support Windows Vista that causes them to crash.
These 4 Characters Can Cause A Windows Computer To Crash
Russian website Habrahabr.ru reported that the four characters "$MFT" can cause a computer running on an older version of Windows to crash.
The bug works when a developer uses the four characters in the directory name where a website stores its images. Windows only expects to see the $MFT in a special metadata file used by the NTFS file system, so when the computer encounters the string of characters, Windows locks the file system.
All succeeding operations in the computer are held back while waiting for the lock to be released. What happens is that every running program will eventually hang, causing the computer to become gradually unusable before crashing. In some cases, users may even be faced with the dreaded blue screen of death.
The Verge was able to successfully replicate the bug by using the filename "c:\$MFT\123" for one of the images of a website. The computer slowed down after accessing the website.
Once the bug is initiated, the only way for users to escape it is to reboot their machines.
The glitch works very similarly to an old problem found in Windows 95 and Windows 98. The special filename "con," which represents the keyboard and the screen, caused computers to crash when it was referenced twice in a filename. If the filename was referenced in a website, the computer would crash whenever its browser visits the malicious webpage.
Is A Fix On The Way For The $MFT Bug?
Microsoft has been informed about the bug, but it has not yet released a fix for the problem. Fortunately, for now, the worst thing that can happen is that users will lose unsaved work and spend additional time in rebooting their computers.
Ars Technica was not able to make the glitch trigger remotely so that hackers can exploit the bug, but it wouldn't be surprising if an attack that pairs the glitch with malware can be made.
Currently, the only way for users on Windows 7, Windows 8, and Windows Vista computers to protect themselves from websites taking advantage of the bug is to set up their internet browsers to not load images. However, that would be too extreme of a solution, especially as users will not likely run into the bug if they only visit trusted websites.
The bigger issue and solution, however, is that users could prevent themselves from being exposed to such vulnerabilities by upgrading to the latest versions of operating systems and constantly updating their systems. Technology companies such as Microsoft keep improving the security of products such as Windows 10, but it will only benefit users if they also choose to prioritize cybersecurity.