Windows updates are important but annoying, so it’s often tempting to put them off. But the latest update is not one you want to postpone. Microsoft released a patch that fixes an error that can crash your system by connecting to a malformed file path. In theory, a hacker could have used the glitch to crash your PC just by opening a folder.
As first reported by Bleeping Computer, the problem stems from how programs can access file paths for your convenience. Paste a file path into Google Chrome, for instance, and it’ll fire up Windows Explorer or open a PDF on your system. But if the file path didn’t correctly pass specific attributes, it crashed Windows leading to a BSOD (blue screen of death).
It’s an easy bug to reproduce, and we won’t list the sample path to prevent accidental crashes. In Bleeping Computer’s testing, it discovered several ways to exploit the bug and crash systems, including merely downloading and opening files. With the right actions, hackers could crash Windows every time a user logs into their account.
While crashing a system sounds merely annoying, bad actors could use the method to mask other actions and prevent administrators from tracking down network intrusions. Hackers could even remotely trigger the path, crashing a sysadmin system if they have access.
The latest Windows update solves the problem and will protect your PC from this particular bug. Even if you think it’s unlikely a hacker can target you, it’s still a critical bug that can crash your system. So if you typically put off installing Windows updates, you should break the habit on this occasion.