Windows 10 Anniversary Update's new Blue Screen QR codes could put your smartphone at serious risk
PCs can go wrong in all sorts of ways, and the problems can manifest themselves in the form of slowdowns, freezes, or worse. Occasionally, you might encounter a blue screen of death (BSOD), accompanied by a usually pretty cryptic message outlining the cause of the crash.
In the soon-to-be released Windows 10 Anniversary Update, Microsoft has given the blue screen a makeover, introducing QR codes to make it easier for anyone to troubleshoot the problems they encounter. It’s a helpful change, but Panda Security warns it could actually be a godsend to cybercriminals, and result in users having personal details stolen, and smartphones getting infected with drive-by malware.
The problem is that QR codes, or rather the links they contain, can be really powerful tools for attackers. As Panda Security explains:
First, a cybercriminal could simulate that your computer has an error, and send your computer a fake "blue screen of death". Then the criminal could add a QR code with a link that will take you to an unexpected and malicious website that will install drive-by malware.
That in itself is bad enough, but things could get worse:
If the cybercriminal wants to be very sly, they could design an entire website that looks like an official Microsoft one and use it to phish for log-in information and personal data. Uneducated computer users are the easiest victims for this type of trap.
QR codes are a great invention, and make it much easier to access information with your smartphone, or other device, but you don’t actually know a lot of the time where the link they contain is going to take you, and that’s the problem here.
It’s possible cybercriminals won’t make use of the new QR codes in this way, but it’s equally possible they will, once the Anniversary Update has made its way on to a sizable enough number of Windows 10 devices. Attackers are always on the lookout for new ways to compromise smartphones, and this could be an easy option.
The solution, as always, is to have your wits about you, install a good security app, and make sure you know where a link, or QR code, is going to take you before you follow it.