August 12, 2024 By Sayan Sen
Last month, a large number of Windows enterprise and business PCs worldwide came head-on with one of the biggest global computing outages of all time. It was a consequence of a buggy CrowdStrike Falcon IPC Template Type and this month the cybersecurity firm released its final report about the issue. What all that led to is the infamous Blue Screens of Death (BSODs), which has its roots in the first Windows NT (version 3.1) days.
While the CrowdStrike BSOD outage was a consequence of a botched security update, a new BSOD-triggering security flaw has been discovered in a Windows driver by cybersecurity firm Fortra, and fully updated Windows systems are affected by this vulnerability.
The firm explains that the Windows' CLFS.SYS driver, responsible for handling the Common Log FIle System, is the root of the issue and is triggered by improper validation (CWE-1284) thus leading to a denial of service-induced BSOD. The issue is being tracked under ID "CVE-2024-6768." Fortra's Nicardo Narvaja writes:
