New Windows Vulnerability CVE-2024-6768 Identified, No Fix Available

Apps & Games / Close All Windows / Desktop / Windows / News Close All Windows for Desktop Windows / New Windows Vulnerability CVE-2024-6768 Identified, No Fix Available
12 Aug 2024

In the wake of a recent CrowdStrike update fiasco that left millions of Windows machines ensnared in a blue screen of death loop, a new vulnerability has emerged, raising fresh concerns among users and IT professionals alike. According to an August 12 report from cybersecurity firm Fortra, a newly identified flaw in Windows could once again lead to the dreaded blue screen of death, affecting all versions of Windows 10 and Windows 11, regardless of whether the latest security updates have been applied.

CVE-2024-6768 Explained

The vulnerability, designated as CVE-2024-6768, pertains to the common log file system Windows driver. It arises from improper validation of input data quantities, which triggers a function known as KeBugCheckEx, resulting in the infamous blue screen of death. This scenario is particularly unsettling for Windows users, who have recently experienced similar issues stemming from the CrowdStrike incident. Although the potential consequences of an exploit are significant and do not require user interaction, the local nature of the attack vector has led to a medium-risk classification for this vulnerability.

Which Versions Of Windows Are Affected By CVE-2024-6768?

CVE-2024-6768 poses a threat to all iterations of Windows 10 and Windows 11, as well as Windows Server 2022. The vulnerability allows a user with no privileges to induce a system crash by utilizing a specially crafted file, even if the system is fully updated with the latest security patches.

Ricardo Narvaja, principal exploit writer at Fortra and author of the report, emphasized the implications of this vulnerability: “The potential problems include system instability and denial of service. Malicious users can exploit this vulnerability to repeatedly crash affected systems, disrupting operations and potentially causing data loss.”

The Windows Blue Screen Of Death CVE-2024-6768 Research Timeline

Tyler Reguly, Fortra’s associate director of security research and development, shared insights into the timeline of this vulnerability. Microsoft was first alerted to the issue in December 2023, but by February 2024, the company had become unresponsive, claiming it could not reproduce the vulnerability. This assertion stood in stark contrast to Fortra's ability to replicate the results across multiple systems, both virtual and physical. Reguly noted that no workaround or mitigation has been identified, and expressed skepticism about the likelihood of a fix from Microsoft. The publication of the vulnerability report aims to prompt Microsoft to acknowledge the exploitability of the issue and consider a resolution.

The Research Timeline In Full

  • December 20, 2023 – Reported to Microsoft with a Proof-of-Concept exploit.
  • January 8, 2024 – Microsoft responded that its engineers could not reproduce the vulnerability.
  • January 12, 2024 – Fortra provided a screenshot showing a version of Windows running the January Patch Tuesday updates and a memory dump of the crash.
  • February 21, 2024 – Microsoft replied that it still could not reproduce the issue and so was closing the case.
  • February 28, 2024 – Fortra reproduced the issue again with the February Patch Tuesday updates installed and provided additional evidence, including a video of the crash condition.
  • June 19, 2024 – Fortra followed up to say that it intended to pursue a CVE and publish the research.

How to set up remote desktop on Windows 11 Home?

Windows 11 Home does not include the Remote Desktop feature that is available in the Pro edition. However, you can use third-party remote desktop applications to achieve the same functionality. Popular options include AnyDesk, TeamViewer, and Chrome Remote Desktop. To use Chrome Remote Desktop, install the app on both computers, sign in with your Google account, and follow the setup instructions to connect.

How to crop a video on Windows 10?

To crop a video on Windows 10, you can use built-in apps like Photos or third-party software. In Photos, open the video, click Edit & Create, choose Trim, and adjust the sliders to crop. For more advanced cropping, use apps like VLC Media Player or Shotcut. In VLC, go to Tools > Effects and Filters > Video Effects > Crop tab, and set the cropping values. In Shotcut, open the video, click on Filters, choose Crop, and adjust the crop parameters to your liking.
Update: 12 Aug 2024
Close All Windows

Close All Windows download for free to PC or mobile

4
556 reviews
3111 downloads

News and reviews about Close All Windows

Loading...