NTFS filesystem bug could crash Windows 7, 8, and 8.1

Any gerbils out there using Windows 7, 8, or 8.1 may want to take note, particularly if they use Internet Explorer on those systems. A security vulnerability has come to light (Google Translation), affecting those operating systems. A malicious local application or even a website (with IE in the mix) can potentially crash a machine simply by sending a carefully-crafted request to access a local file.

The exploit results from a bug in the way Windows handles protected filenames . In this specific case, the offending file is $MFT, which is reserved for a bit of NTFS metadata. There's a hidden $MFT file in the root of every NTFS volume, and normally Windows won't let you access ...

Read more...