DoS-bug in ntfs.sys(?)

Hey, guys.

I noticed one interesting article at Russian web-resource habrahabr. Authors of the research claim that you can hang the entire system with help of ntfs.sys, if you make following call. They produce some explanation regarding the bug. Should work on Windows 10.

CreateFileW(L"C:\$mft\<random_digits>", FILE_READ_ATTRIBUTES, 0, NULL, OPEN_EXISTING, 0, NULL);

https://habrahabr.ru/company/aladdinrd/blog/329166/

https://translate.google.com/translate?sl=ru&amp;tl=en&amp;js=y&amp;prev=_t&amp;hl=ru&amp;ie=UTF-8&amp;u=https%3A%2F%2Fhabrahabr.ru%2Fcompany%2Faladdinrd%2Fblog%2F329166%2F&amp;edit-text=&amp;act=url</random_digits>

The bug was found by Anatoly Mikhailov. The bug has been fixed in the latest update though MS claimed this was not a bug ( “oops, we did it again” ) .

I know the bug when an unprivileged user can crash a remote machine( e.g. Win 10 or WS 2016 ) from an RDP session by just browsing folders on a mapped drive. Microsoft also claimed this was not a bug. I tracked down it to a bug in RDPDR-RDBSS filesystem synchronization.

Thx for the info. I published this stuff here, because the article doesn’t contain information about issued fix.