(An Autonomous Body Recognized by Ministry of Commerce & Industry, Government of India)
Competency based placement focussed Education I Training I Research I Consultancy
Windows Rust Kernel Bug Causes System Crashes Despite Memory Safety
A newly discovered vulnerability in Microsoft’s Rust-based kernel component for the Windows Graphics Device Interface (GDI) can trigger Blue Screen of Death (BSOD) crashes, raising questions about integrating memory-safe languages into critical OS layers. Classified as moderate by Microsoft, the flaw poses disruption risks in enterprise environments. Uncovered by Check Point through targeted fuzzing using WinAFL tools, the issue originated in the handling of Enhanced Metafile Format (EMF/EMF+) files. During testing, malformed graphics records caused repeated system crashes, leading to the discovery of an out-of-bounds array access in the Rust driver win32kbase_rs.sys. The bug surfaced when a malformed EmfPlusDrawBeziers record bypassed bounds checks in NtGdiSelectClipPath, invoking a SYSTEM_SERVICE_EXCEPTION. Microsoft patched the flaw in Build 26100.4202 (KB5058499) with improved edge-handling routines. Researchers emphasized that while Rust reduces memory errors, design and logic vulnerabilities still demand rigorous fuzzing and validation.
21-10-2025
📰 Recent News
- Microsoft Impersonation Scam Uses Fake Support Alerts to Steal Credentials
- Windows Rust Kernel Bug Causes System Crashes Despite Memory Safety
- TikTok Malware Campaign Tricks Users with Fake Software Activations
- Operation Zero Disco: Cisco SNMP Flaw Exploited to Install Linux Rootkits
- EtherHiding Used by North Korean Group to Deliver Modular Malware