news

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

2024-08-13 10:20:27 Author: Yao Liwei

On August 13, cybersecurity company Fortra discovered a serious vulnerability (CVE-2024-6768) in a key driver, which affects all versions of Windows 10 and Windows 11. Although the system has installed the latest patch, this problem cannot be avoided.

The vulnerability exists in the Windows Common Journaling File System (CLFS.SYS) driver. Researcher Nicardo Narvaja said that due to improper validation of input data, the system will produce unrecoverable errors and eventually cause a blue screen of death. He warned that an attacker could induce a system crash through a carefully constructed .BLF file, causing system instability or even denial of service.

Although this is a local attack and requires the attacker to have physical access to the target system, the potential risk cannot be ignored. An attacker can use this vulnerability to repeatedly crash the system, causing data loss and outages.

It is worth mentioning that this is not the first time that a serious vulnerability related to CLFS has appeared in Windows. Last year, Microsoft fixed a similar vulnerability (CVE-2023-36424) that could lead to local privilege escalation. Therefore, users should pay close attention and update their operating systems in a timely manner to ensure security.

At the same time, you should also pay attention to protecting your personal privacy and the security of important information when using your computer. Avoid accessing links from unknown sources and downloading unverified software, and enable security measures such as strong passwords and two-factor authentication to increase the protection of the system.