yitit
Home
/
Software
/
This Easily-Exploitable Windows 10 NTFS Bug Can Instantly Corrupt Your Hard Drives
This Easily-Exploitable Windows 10 NTFS Bug Can Instantly Corrupt Your Hard Drives
May 20, 2024 1:34 AM

Microsoft patched a number of flaws through the year's firstPatch Tuesday updates earlier in the week, but it appears an unpatched bug that has been exploited for a long time is yet to be addressed. According to @jonasLyk, a short, single-line command delivered through a specially crafted file can corrupt any Windows 10 NTFS-formatted hard drive.

Delivered through a ZIP, shortcut file, HTML, or other vectors, the command triggers hard drive errors corrupting the filesystem index without even requiring administrative privileges.

"Critically underestimated" Windows 10 NTFS vulnerability

Jonas says that this Windows 10 bug isn't new and has been around since the release of Windows 10 April 2018 Update, and remains exploitable on the latest versions, as well. BleepingComputer shared that the problematic command includes$i30 string, a Windows NTFS Index Attribute associated with directories.

NTFS VULNERABILITY CRITICALITY UNDERESTIMATED

-

There is a specially nasty vulnerability in NTFS right now.

Triggerable by opening special crafted name in any folder anywhere.'

The vulnerability will instant pop up complaining about yuor harddrive is corrupted when path is opened pic.twitter.com/E0YqHQ369N

— Jonas L (@jonasLyk) January 9, 2021

After running the command, Windows 10 will start displaying prompts to restart the device and repair the corrupted drive.Apparently, the issue also impacts someWindows XP versions and similar NTFS bugs have been known for years but are yet to be addressed by the Windows maker.

Nice find by @jonasLyk :

cd <specialdir>

Result: NTFS corruption

Other vectors:

- Open an ISO, VHD, or VHDX

- Extract a ZIP file

- Open an HTML file without a MoTW

- Probably more... pic.twitter.com/LY18Lo3J3m

— Will Dormann (@wdormann) January 9, 2021

It remains unclear why the string is causing hard drive corruption. In response to the report, Microsoft has said that the"use of thistechnique relies on social engineering andas alwaysweencourage our customers to practice good computing habits online, including exercising caution when opening unknown files, or accepting file transfers."

However, at least one example shared by Jonas with BP confirms that when using aWindows shortcut file (.url) with itsiconlocation set toC:\:$i30:$bitmap, a user doesn't even have to open the file for it to trigger the vulnerability. Microsoft said that it "will provide updates for impacted devices as soon as possible," so hopefully there's finally some fix coming for this stream of NTFS bugs.

Relevant: Leaked Windows 10X build offers us first look at the Chrome OS competitor

-More details over at BP

Comments
Welcome to yitit comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
Software
Recent News
Nokia Ovi Suite 2.0 Preview
Nokia Ovi Suite 2.0 Preview
5 Most Useful Apps in Ovi Store
5 Most Useful Apps in Ovi Store
Samsung Galaxy Spica Gets Official Android 2.1 Upgrade
Samsung Galaxy Spica Gets Official Android 2.1 Upgrade
Verizon Droid Update Delayed Indefinitely?
Verizon Droid Update Delayed Indefinitely?
About
Terms and Conditions Privacy policy Cookie Settings
Services
Login register contact us
yitit Hardware Computing Mobile Finance Software Deals
Links
zpostcode Recruit weather mreligion Yellowpages sport constellation shopping name game directory literature Word tour furnish Lottery tftnews lyrics News digital car dir Edu Finance
Copyright 2023-2024 - www.yitit.com All Rights Reserved