We select and review products independently. When you purchase through our links we may earn a commission. Learn more.

Update Your Windows 10 Device Now to Patch a Critical Vulnerability

A Windows blue screen of death

Windows updates are important but annoying, so it’s often tempting to put them off. But the latest update is not one you want to postpone. Microsoft released a patch that fixes an error that can crash your system by connecting to a malformed file path. In theory, a hacker could have used the glitch to crash your PC just by opening a folder.

As first reported by Bleeping Computer, the problem stems from how programs can access file paths for your convenience. Paste a file path into Google Chrome, for instance, and it’ll fire up Windows Explorer or open a PDF on your system. But if the file path didn’t correctly pass specific attributes, it crashed Windows leading to a BSOD (blue screen of death).

It’s an easy bug to reproduce, and we won’t list the sample path to prevent accidental crashes. In Bleeping Computer’s testing, it discovered several ways to exploit the bug and crash systems, including merely downloading and opening files. With the right actions, hackers could crash Windows every time a user logs into their account.

While crashing a system sounds merely annoying, bad actors could use the method to mask other actions and prevent administrators from tracking down network intrusions. Hackers could even remotely trigger the path, crashing a sysadmin system if they have access.

The latest Windows update solves the problem and will protect your PC from this particular bug. Even if you think it’s unlikely a hacker can target you, it’s still a critical bug that can crash your system. So if you typically put off installing Windows updates, you should break the habit on this occasion.

via Bleeping Computer

Josh Hendrickson Josh Hendrickson
Josh Hendrickson is the Editor in Chief of Review Geek and is responsible for the site's content direction. He has worked in IT for nearly a decade, including four years spent repairing and servicing computers for Microsoft. He’s also a smart home enthusiast who built his own smart mirror with just a frame, some electronics, a Raspberry Pi, and open-source code. Read Full Bio »