Security News > 2021 > February > Microsoft fixes Windows 10 console bug leading to blue screens
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded.
Last month, we reported on a bug in the Windows 10 console multiplexer driver, condrv.
A lack of error checking allowed you to access the path without the attribute and crash Windows.
As part of the February 2021 Patch Tuesday, Microsoft has fixed this bug and tracking it as CVE-2021-24098, with a description of 'Windows Console Driver Denial of Service Vulnerability.
When we attempted to assign the path to the f: drive using the 'net use' command, Windows 10 no longer crashes.
BleepingComputer strongly recommends that Windows 10 users install the latest Windows 10 updates to fix this bug.
News URL
Related news
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Microsoft fixes Windows 10 bug causing apps to stop working (source)
- Microsoft confirms Windows Server 2025 blue screen, install issues (source)
- Microsoft to start force-upgrading Windows 22H2 systems next month (source)
- Microsoft fixes Windows Smart App Control zero-day exploited since 2018 (source)
- Windows 10 KB5043064 update released with 6 fixes, security updates (source)
- Microsoft fixes Windows Server performance issues from August updates (source)
- Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws (source)
- Microsoft rolls out Office LTSC 2024 for Windows and Mac (source)
- Microsoft may have revealed Windows 11 24H2 is coming this month (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-25 | CVE-2021-24098 | Unspecified vulnerability in Microsoft products Windows Console Driver Denial of Service Vulnerability | 5.5 |