Cybersecurity experts have identified a significant vulnerability in the Windows operating system that poses a serious threat to device integrity and data security. In a recent security advisory, researchers from Fortra disclosed an improper input validation flaw in the Common Log File System driver (CLFS.sys). The flaw allows a malicious actor to craft a specially formatted log file, such as a .BLF file, that triggers a catastrophic system failure known as the Blue Screen of Death (BSOD).
Both Windows 10 and Windows 11, across all versions, are at risk. The ease of execution is particularly alarming, as it can be carried out with minimal privileges and requires no user interaction, making it accessible even to less experienced attackers.
Proof of Concept
This vulnerability, designated as CVE-2024-6768, has been assigned a medium severity score of 6.8. While this rating might suggest a limited potential for disruption, Fortra's researchers caution that the flaw could destabilize systems and enable Denial of Service (DoS) attacks. Cybercriminals could exploit this vulnerability to repeatedly crash affected systems, leading to significant operational disruptions.
Currently, there is no evidence that this vulnerability has been exploited in the wild. However, with Fortra releasing a Proof-of-Concept (PoC) alongside the advisory, the window before attackers can weaponize it is narrowing. The attack vector is local, meaning an attacker must already be able to execute code on the target system. Nonetheless, the low privilege requirement makes it an attractive option for novice cybercriminals.
Fortra's advisory also highlights that Microsoft has yet to address this vulnerability. The tech giant has attempted to reproduce the issue on two occasions, the latest being in late February 2024, but was unsuccessful, leading to the closure of the case. This outcome implies that even the most recent iterations of Windows 10 and Windows 11 remain vulnerable.