Fortra Identifies Denial of Service Vulnerability in Microsoft Windows Systems

13 Aug 2024

Last month, the tech world was rocked by Microsoft’s infamous Blue Screen of Death (BSoD) error, triggered by a faulty update from cybersecurity firm CrowdStrike. Just as the dust began to settle, another vulnerability has emerged, this time identified by Fortra, a cybersecurity software company.

What is the new vulnerability in Microsoft Windows?

Fortra has detailed a significant vulnerability affecting Microsoft Windows, specifically a Denial of Service issue found in the CLFS.sys component. This flaw impacts a range of systems, including Windows 10, Windows 11, and various versions of Windows Server (2016, 2019, and 2022). The vulnerability allows a malicious, authenticated low-privilege user to induce a BSoD through a forced call to the KeBugCheckEx function.

Cataloged as CVE-2024-6768, this vulnerability revolves around the common log file system driver in Windows. It arises from improper validation of input data quantities, which can lead to the notorious BSoD error. The implications are broad, affecting all versions of Windows 10 and Windows 11, along with Windows Server 2022.

Ricardo Narvaja, principal exploit writer at Fortra and author of the vulnerability report, highlighted the potential risks: “The potential problems include system instability and denial of service,” he noted. He further emphasized that “malicious users can exploit this vulnerability to repeatedly crash affected systems, disrupting operations and potentially causing data loss.”

Fortra initially alerted Microsoft about this vulnerability back in December of the previous year. However, the response from Microsoft came in February 2024, stating that they were unable to reproduce the issue and subsequently closed the case. This ongoing dialogue underscores the critical nature of cybersecurity in maintaining system integrity and operational continuity.

Microsoft to do download for windows 10?

To download Microsoft To Do for Windows 10, you can visit the Microsoft Store on your Windows 10 device. Open the Microsoft Store application, search for 'Microsoft To Do,' and click the 'Get' or 'Install' button. Alternatively, you can visit the Microsoft To Do page on the Microsoft website and follow the link to the Microsoft Store from there. Ensure that your device meets the system requirements before downloading.

How to install windows app without microsoft store?

To install Windows apps without using the Microsoft Store, you can use methods such as downloading the application directly from the developer's website, using package managers like Chocolatey, or running offline installers. For apps distributed as .exe or .msi files, download the installer and run it to install the app. Ensure that the source is trusted to avoid potential security risks.

Update: 13 Aug 2024

Discover Microsoft Windows XP download for free to PC or mobile

Latest update Discover Microsoft Windows XP download for free for Windows PC or Android mobile

661 reviews

3936 downloads

News and reviews about Discover Microsoft Windows XP

14 May 2025

Microsoft Identifies Vulnerabilities, Updates Security Measures

Microsoft addressed 72 vulnerabilities, including five zero-day flaws, marking the eighth month without critical classification. Urgent patches respond to active exploitation risks.

25 Apr 2025

Windows Updates Unveil Risks with Inetpub Folder Appearance

Microsoft's recent update has led to security concerns due to the unexpected appearance of the 'inetpub' folder, potentially allowing hackers to exploit Windows systems.

09 Apr 2025

Microsoft's Milestones in Innovation and Computing History

From its 1970s inception to today, Microsoft's journey in computing innovation showcases key products like MS-DOS, Windows, and advancements in AI and cloud technology.

04 Mar 2025

CdkeySales Offers Significant Savings on Microsoft Software

CdkeySales provides major discounts on software keys for Windows 10, Windows 11, and Microsoft Office packages, offering a user-friendly purchasing process.

03 Mar 2025

CISA Identifies New Vulnerabilities Impacting Key Systems

CISA reports new vulnerabilities in Cisco routers and Windows. Agencies are urged to address these security issues by March 2025 to ensure protection.

03 Sep 2024

Mastering Windows 11 Keyboard Shortcuts Boosts Business Efficiency

Mastering keyboard shortcuts in Windows 11 enhances efficiency and transforms tasks into seamless operations. These shortcuts cover basic functions, start menu and taskbar navigation, screenshots, desktop management, and command prompt operations, significantly boosting productivity for users.

13 Aug 2024

CERT-In Warns Windows Users of Vulnerabilities in Multiple Versions

The Indian Computer Emergency Response Team (CERT-In) warns Windows users of vulnerabilities in various versions, including Windows 10, 11, and Server editions. Users should activate firewalls, update antivirus software, and stay informed about updates from Microsoft and CERT-In.

13 Aug 2024

Fortra Identifies Denial of Service Vulnerability in Microsoft Windows Systems

Fortra has discovered a Denial of Service vulnerability in Microsoft Windows, affecting versions 10, 11, and Server 2016, 2019, and 2022. The flaw, CVE-2024-6768, can cause system instability and data loss. Microsoft closed the case in February 2024, citing inability to reproduce the issue.

13 Aug 2024

Microsoft Windows Users Face Issues in India Due to CrowdStrike Update

Microsoft Windows users face issues due to a significant outage from a problematic CrowdStrike update. CERT-In has issued an alert highlighting vulnerabilities that could allow attackers to elevate privileges, particularly affecting systems with VBS and Windows Backup. Users should follow Microsoft's recommendations.

13 Aug 2024

CERT-In Issues Advisory on Microsoft Windows Vulnerabilities

The Indian Computer Emergency Response Team (CERT-In) has warned of vulnerabilities in Microsoft Windows, affecting versions 10, 11, and 12, as well as Windows Server 2016, 2019, and 2022. These medium-severity flaws could allow privilege escalation. Users should update to the latest versions.