Windows 10 security vulnerabilities have become, along with minor system glitches, already commonplace for users. And it is that to the recent reports of the critical error that could damage our hard disk just by seeing the icon of a file or writing a simple command, now there is another slightly similar problem that leads to the familiar blue screen of death.
As they have shared it since Bleeping Computer, this new error simply involves a URL or a link to an internal Windows location (which we have preferred to avoid sharing for obvious reasons) and you don’t even need to click on it to activate it. The mere fact that Windows 10 tries to process this path, such as when entering the address bar of a browser, it will be enough to block our system.
The report says it could be remotely exploited by tricking users into downloading a URL file from Windows. The operating system will try to generate an icon from that data, which will cause the system to crash. In some cases, it could even be exploited to cause an immediate blue screen when logging into Windows. In this way, the final result for users could vary from a simple verification, until you get stuck in an automatic repair cycle during system startup.
In fact, just as I shared Jonas Lykkegaard, Windows security researcher who discovered the bug, low-privilege Windows users have access to connect to this path, which makes it easy for any common program run from your computer to crash Windows 10.
Luckily this error focuses on a basic component of human interaction, requiring users to type (voluntarily or unintentionally) some command or URL, or simply click on an unknown link or icon. For this reason, once again, we call for safe browsing: whenever we come across these types of suspicious elements, it is best to avoid them and find information about them.
For its part, Microsoft has already stated that it has opened an investigation into this error, although at the moment no resolution has been published.