Windows metadata bug has been waiting to cripple older machines

If you’re still using Windows 7 or Windows 8, there’s another security issue you need to be aware of aside from Wannacry. This one won’t hold your computer ransom for bitcoin, though. Actually, it might be more annoying than it is dangerous. Researchers from Aladdin RD, an information security company, recently discovered (translated) that a bad image call embedded into a website can bring older computers to a grinding halt. In this case, it’s filename “$mft.”

As Ars Technica points out, it’s a metadata file that exists in the root directory of the OS’ NTFS file system. When something tries using it, like a malicious website accessed through Internet Explorer in this case, the NTFS driver never releases its lock on the file. This in turn blocks other legitimate processes from accessing the file system.

From here, every program trying to access any type of file will start to hang and you can see where this is going. Now, this type of vulnerability isn’t new (older versions of Windows had similar responses calls for c:concon), and neither is the fix. Simply reboot your machine and you should be good to go.

Microsoft is aware of the problem, but isn’t going to fix the bug in Windows Vista. Considering that Redmond is still supporting Windows 7 and Windows 8 there may be a patch coming, though. We’ve reached out for more information and will update this post should it arrive.

Via: Ars Technica

Source: Aladdin RD (Russian)