A report by Fortra reveals a new security flaw in a Windows driver labeled CVE-2024-6768 causes a blue screen on a PC running Windows 11/10 and Server 2022. Wonder about this CVE-2024-6768 BSOD? Find details from this post on MiniTool.
Last month, millions of Windows PCs all over the world suffered from one of the massive global computer outages caused by a flaw in CrowdStrike Falcon. Less than one month has passed since CrowdStrike BSOD, another new blue screen of death issue has been revealed by the Cybersecurity firm Fortra in a report. It is CVE-2024-6768 BSOD.
About CVE-2024-6768 Blue Screen
In detail, there is a new vulnerability in the Windows CLFS.sys (Common Log File System) driver that is responsible for recording applications and managing logs. This flaw tracked as CVE-2024-6768, arises from improper validation of specified quantity in input (CWE-1284) in the CLFS.sys driver, thus leading to a denial of service.
This bug can cause an unrecoverable inconsistency, triggering the KeBugCheckEx function, ultimately resulting in the infamous Blue Screen of Death which is a longstanding nemesis of Windows users.
The Scope of the Vulnerability
CVE-2024-6768 BSOD doesn’t discriminate and it currently affects all the versions of Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022, regardless of whether they have installed all the latest security patches.
The researcher Ricardo Narvaja has demonstrated the vulnerability via a PoC (proof of concept) that uses specific values within a .BLF file, a file format in Windows CLFS. Without requiring user interaction, an unprivileged user can craft a particular input to induce a system crash.
According to a report, some potential issues such as system instability and denial of service appear. Malicious users can repeatedly exploit the CVE-2024-6768 vulnerability, keeping crashing affected systems, hence disrupting operations and resulting in potential data loss.
In terms of the Severity of CVE-2024-6768 BSOD, it belongs to Medium, rating of 6.8 on the CVSS (Common Vulnerability Scoring System). The attack vector is local, which means malicious attackers need to physically access the machine to exploit the vulnerability, somewhat limiting the scope of potential attacks.
No Fix for CVE-2024-6768 BSOD but Some Suggestions
According to the timeline posted by Fortra, this company had first reported to Microsoft with a Proof-of-Concept exploit on December 20, 2023, and Microsoft replied that their engineers could not reproduce the vulnerability. At last, Fortra released the CVE-2024-6768 vulnerability on August 12, 2024.
Currently, Microsoft doesn’t have any mitigation or solution to fix the CVE-2024-6768 blue screen due to the nature of the vulnerability. IT administrators should exercise caution and attempt to try some additional security measures where possible.
- Restrict physical access to critical systems
- Monitor for any unusual activity that attempts to exploit the flaw
- Keep Windows systems up-to-date to reduce the risk of exploitation
Back up Files to Avoid Data Loss
If you are an ordinary user, what you can only do is keep your data safe since potential data loss is caused by repeated system crashes, as stated above. For data backup, we recommend MiniTool ShadowMaker, a professional and the best backup software for Windows 11/10/8.1/8/7 and Server 2016/2019/2022.
In file backup, folder backup, disk backup, and partition backup, this backup utility plays an important role. Furthermore, MiniTool ShadowMaker allows backing up data regularly by setting a time point in a day, week, or month. Also, incremental backups and differential backups are supported, saving time and disk space.
Get it on your PC and take the steps below to begin backup.
MiniTool ShadowMaker TrialClick to Download100%Clean & Safe
Step 1: Launch MiniTool ShadowMaker Trial Edition on a Windows PC or a server.
Step 2: Move to Backup > SOURCE, choose what to backup, and click OK.
Step 3: Under Backup, hit DESTINATION to choose a path such as an external drive to save the backup image.
Step 4: For automatic backups, hit Options > Schedule Settings, and configure a plan. Then, hit Back Up Now to begin a full backup, and scheduled backups will be created at the set time.