Just because Windows 7 is close to eight years old doesn’t mean you still can’t find ridiculous bugs that can crash your PC.
Russian-language site Habrhabr.ru recently published one such bug that apparently causes problems if you simply visit a website, as first noticed by Ars Technica. The problem also affects Windows 8 and Vista PCs, but Windows 10 PCs are unaffected.
Here’s how the bug works. All a naughty website has to do is use the character string ‘$MFT’ in the directory name where a website keeps its images. Windows expects to see the four characters $MFT only in a special metadate file on your PC. When it sees those characters as a directory name, however, it causes enough problems that an affected PC will begin to slow down and eventually hang. At that point your only recourse is to reboot the machine. In some cases, the problem may even trigger the dreaded blue screen of death (BSOD).
Behind the scenes, a website has a file structure with directories (also known as folders) just as your PC does. Usually, images are stored in something like ‘greatwebsite.com/images/’. Perhaps that’s why no one discovered this bug until now. Who would think to name their image directory or sub-directory ‘$MFT’, after all? But even the lamest bugs won’t remain a secret forever when confronted with curious security researchers.
We didn’t have a chance to test this bug before press time, but The Verge reports it was able to successfully hang a Windows 7 PC using the trick.
The impact on you at home: If you’re running a machine affected by this bug there’s really not much you can do other than not load images from websites. That would be overkill, however, as chances are slim you’d run into a website exploiting this bug if you stick to well known sites. Microsoft hasn’t responded to this issue yet, but presumably it will issue a fix for Windows 7 and 8 PCs. Vista machines, however, are unlikely to see a patch as the operating system is no longer supported by Microsoft.