Windows 10 debuts Blue QR Code of Death – and why malware will love it

Interesting idea but we can imagine the downside

Microsoft has added a QR code to its infamous Blue Screen of Death in Windows 10.

As of Windows 10 Insider Preview build 14316, when the operating system falls over, you get not only the sad ASCII smiley but also a QR square that contains an encoded URL that leads you to a webpage about your problem. Scan it with a smartphone or other handheld and your browser will be taken to the embedded web addresses.

Right now, it just points to windows.com/stopcode, which explains typical Blue-Screen-of-Death causes, but in future it could contain detailed information about the crash – or something a little more user-friendly than something like MACHINE_CHECK_EXCEPTION.

The QR code feature isn't mentioned in build 14316's release notes, although it hasn't escaped people's attention. The version was emitted last week to testers.

Here's what the QR Code of Death looks like:

Neat idea, huh. Except we can imagine the fun malware will have with this. Fake a system crash by popping up a blue screen, show a QR code that links to a malicious website, and fool someone into opening it on their browser. From there you can offer crap PC repair software (your machine just "crashed", after all), pretend to be Microsoft offering updates to fix your PC, and so on.

We'll wait to see where Redmond's engineers take this. ®


Biting the hand that feeds IT © 1998–2017