Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
komali2
on May 26, 2017
|
parent
|
context
|
favorite
| on:
NTFS bug lets anyone hang or crash Windows 7 or 8....
<img src="c://badfilename"> is enough. You don't need JavaScript.
deelowe
on May 26, 2017
|
next
[–]
But you do need the file to be stored locally. I don't think this attack is very serious. Downloading and opening files is already a risky maneuver.
komali2
on May 26, 2017
|
parent
|
next
[–]
My understanding of the article is there isn't a "local file" that matches the name, but the very act of checking for that filename causes the hang.
Happy to be corrected.
jordache
on May 26, 2017
|
prev
[–]
is this true for even evergreen browsers? Is this true for pages that's hosted in non localhost domain or drag n' dropped into browser from the file explorer? (file:// protocol)
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
