A serious Windows 10 flaw could corrupt your hard drive if you open a folder

[ad_1]

A security researcher has revealed details of a strange bug that could lead to corruption of an NTFS hard drive in Windows 10, as well as unsupported Windows XP. What makes the bug so serious and unusual is that it can be triggered without the user having to open a file.

The bug – which has been around for about three years – can corrupt a hard drive if a user simply views the contents of a folder containing a specially crafted file. Although Microsoft is aware of the issue with the $ i30 NTFS attribute, a fix has not yet been produced.

See also:

Writing on Twitter, security researcher Jonas L explains, “There is currently a particularly nasty vulnerability in NTFS. Triggerable by opening a specially crafted name in any folder anywhere. The vulnerability will instantly appear to complain that your hard drive is corrupted when the path is opened “.

The vulnerability can be triggered remotely if any service allows the opening of files with specific names.
It can be embedded in HTML, shared folders, etc.
So far only the consequence was to run chkdsk on boot, but now the MFT has corrupted

– Jonas L (@jonasLyk) January 9, 2021

So how does the flaw work?

As Bleeping Computer explains – with an appropriate warning – running the cd c: : $ i30: $ bitmap command will essentially destroy a drive (so do not do it!). But there are actually several ways to cause hard drive corruption; most disturbing is the method which simply requires someone to view the contents of the folder. The vulnerability can be exploited even on user accounts that do not have administrator rights.

Jonas also found that if a shortcut file was created with its icon location set to C: : $ i30: $ bitmap, then just opening the folder containing that file would corrupt a drive. There are, of course, various ways in which such a malicious shortcut could be implanted on a computer, and a user would be tricked into opening its containing folder.

Another security researcher, Siam Alam, demonstrated another way to trigger drive corruption:

Microsoft is currently working on producing a fix. In a statement to Verge, the company said, “We are aware of this issue and will provide an update in a future release. Use of this technique is based on social engineering and as always we encourage our customers to adopt good online computing habits, in particular by being careful when opening unknown files or when accepting file transfers ”.

Image Credit: David Carillet / Shutterstock

[ad_2]

Source link