The newly-discovered CVE-2024-6768 plagues Windows 10/11 devices
Microsoft might fix it with this week's Patch Tuesday updates.
Windows users are buzzing about a new find: a flaw in a core Windows kernel driver, tracked as CVE-2024-6768, that can crash fully patched PCs with the infamous Blue Screen of Death (BSOD).
The issue, discovered by security company Fortra, sits in the driver behind the Common Log File System (CLFS.sys). Because the driver does not properly validate certain values in the log data it parses, a crafted input can push it into a kernel bug check, a denial of service that ends in a BSOD.
The problem does not depend on hardware or edition: it affects all current Windows 10 and 11 builds, along with the Windows Server releases named in the CVE description, no matter how up to date the system is.
A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function.
Worse, a low-privileged user who is already logged on can trigger it by placing specific values in a .BLF (CLFS base log) file; no administrative rights are needed. The result is a crash of the whole machine, so the bug can be used to make a system unstable, interrupt operations, and cause loss of unsaved work.
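Until a fix ships, the one thing a defender can do is notice the symptom: repeated bug-check reboots on a host where an unprivileged user is logged on. The following PowerShell triage script is an added example written for this article, not code from Windows Report, Fortra or Microsoft. It lists recent bug-check reboot events and, if the Debugging Tools for Windows are installed at the assumed default path, asks the kernel debugger which module the latest crash points at. The event provider, the message wording and the kd.exe location are standard Windows behaviour and defaults, but the path in particular is an assumption to adjust for your host.

```powershell
# Added example (not from the article or Fortra): triage bug-check reboots on a Windows host.
# A CVE-2024-6768 trigger would appear as a bugcheck whose analysis names clfs.sys; a module
# name alone is a lead for investigation, not proof of exploitation.

# 1. After every bug-check reboot, Windows Error Reporting writes event 1001 to the System log.
$events = Get-WinEvent -FilterHashtable @{
    LogName      = 'System'
    ProviderName = 'Microsoft-Windows-WER-SystemErrorReporting'
    Id           = 1001
} -MaxEvents 50 -ErrorAction SilentlyContinue

foreach ($e in $events) {
    # Message text: "The computer has rebooted from a bugcheck. The bugcheck was: 0x000000xx
    # (0x..., 0x..., 0x..., 0x...). ... A dump was saved in: C:\Windows\MEMORY.DMP. ..."
    $code = if ($e.Message -match 'bugcheck was:\s*(0x[0-9A-Fa-f]+)') { $Matches[1] } else { 'unknown' }
    $dump = if ($e.Message -match 'saved in:\s*(\S+\.dmp)')         { $Matches[1] } else { $null }
    [pscustomobject]@{ Time = $e.TimeCreated; BugCheck = $code; Dump = $dump }
}

# 2. Optional: attribute the most recent dump with kd.exe. The path below is the default
#    Windows SDK debugger location (assumption; change it if the tools live elsewhere).
$kd     = 'C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\kd.exe'
$latest = $events | Select-Object -First 1
if ($latest -and (Test-Path $kd) -and
    ($latest.Message -match 'saved in:\s*(\S+\.dmp)') -and (Test-Path $Matches[1])) {
    # -z opens a crash dump, -c runs the given commands and then quits.
    # !analyze -v prints the probable faulting module and the bugcheck code.
    & $kd -z $Matches[1] -c '!analyze -v; q' 2>$null |
        Select-String -Pattern 'BUGCHECK_CODE|MODULE_NAME|IMAGE_NAME|PROCESS_NAME'
}
```

Run it from an elevated prompt so the full memory dump is readable. If `IMAGE_NAME` comes back as clfs.sys and `PROCESS_NAME` is a process belonging to a non-administrative account, that host deserves a closer look at who created .BLF files shortly before the crash.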
According to the timeline posted by Fortra, the vulnerability currently has no fix, and the company has kept reproducing it on fully patched Windows 10/11 systems since first reporting it in December 2023.
- December 20, 2023 – Reported to Microsoft with a Proof-of-Concept exploit.
- January 8, 2024 – Microsoft responded that their engineers could not reproduce the vulnerability.
- January 12, 2024 – Fortra provided a screenshot showing a version of Windows running the January Patch Tuesday updates and a memory dump of the crash.
- February 21, 2024 – Microsoft replied that they still could not reproduce the issue and they were closing the case.
- February 28, 2024 – Fortra reproduced the issue again with the February Patch Tuesday updates installed and provided additional evidence, including a video of the crash condition.
- June 19, 2024 – Fortra followed up to say that it intended to pursue a CVE and publish its research.
- July 16, 2024 – Fortra shared that it had reserved CVE-2024-6768 and would be publishing soon.
- August 8, 2024 – Reproduced on latest updates (July 2024 Patch Tuesday) of Windows 11 and Server 2022 to produce screenshots to share with media.
- August 12, 2024 – CVE publication date.
Fortunately, Patch Tuesday updates are coming out this week, with a possible fix for this serious vulnerability.