Skip to content
Lagos, Nigeria
info@ezefidelity.com
Ezefidelity
  • News
  • Tutorial
  • 101
  • Spotlight
  • Games
Ezefidelity
  • News
  • Tutorial
  • 101
  • Spotlight
  • Games

‘Nasty’ Windows 10 bug can corrupt a hard drive by you looking at a file

  • by curator
  • in Curated
  • on January 15, 2021
0


A “nasty” NTFS vulnerability in Windows 10 has been highlighted yet again by infosec researcher Jonas L. The vulnerability can be exploited with a single-line command and when exploited, corrupts an NTFS-formatted hard drive. Following the corruption, Windows will prompt a person to restart their computer to fix the issue.

Attackers can hide the line of code inside a ZIP file, folder, or even a Windows shortcut file. If the bug is exploited correctly, it can corrupt a drive without someone even opening the malicious file. BleepingComputer found that once a shortcut file was downloaded to a Windows 10 PC and is viewed within a folder, Windows Explorer will attempt to display the files’ icon. As a result, the attack will take place and an NTFS hard drive will be corrupted.

VPN Deals: Lifetime license for $16, monthly plans at $1 & more

In layman’s terms, if people look at a certain folder or extract a ZIP file that has a certain piece of code on their PC, it will cause some drives to be corrupted.

Jonas L explained to BleepingComputer that the vulnerability became exploitable with Windows 10 build 1803, also known as the Windows 10 April 2018 Update. The bug persists into newer versions of Windows 10 as well. Jonas L also flagged up the vulnerability in August 2020 and October 2020.

The vulnerability can be remotely triggered if having any kind of service allowing file opens of specific names to happen.
Its embeddable in HTML, sharred folders etc.
Until now only consequence have been running chkdsk on boot- but now the MFT have corrupted

— Jonas L (@jonasLyk) January 9, 2021

Microsoft responded to The Verge regarding the bug, stating:

We are aware of this issue and will provide an update in a future release. The use of this technique relies on social engineering and as always we encourage our customers to practice good computing habits online, including exercising caution when opening unknown files, or accepting file transfers.

The vulnerability can also be exploited if you paste a certain string of code into the address bar in a browser. Windows 10 will try to automatically repair the drive corruption but vulnerability analyst Will Dormann notes that it could require manual intervention to repair.

These are the biggest PC announcements from CES 2021

See you next year
Contents show
1 These are the biggest PC announcements from CES 2021
2 Share this, your friend will love you for it:
3 Like this:
4 Related


These are the biggest PC announcements from CES 2021

CES 2021 was different in that it wasn’t held at a physical location. Instead, companies relied on press kits and virtual presentations to showcase all the new products. We’ve rounded up the best PC-related announcements in case you happened to miss the show.

FB.Event.subscribe('xfbml.ready', function(msg) { // Log all the ready events so we can deal with them later var events = fbroot.data('ready-events'); if( typeof(events) === 'undefined') events = []; events.push(msg); fbroot.data('ready-events',events); });

var fbroot = $('#fb-root').trigger('facebook:init'); };



This post was written by Sean Endicott and was first posted to WindowsCentral

Share this, your friend will love you for it:

  • WhatsApp
  • Facebook
  • Twitter
  • Pinterest
  • Telegram
  • LinkedIn
  • Reddit
  • Tumblr
  • Pocket
  • Skype
  • Print

Like this:

Like Loading...

Related



Do you find this article helpful? Your Friend might too. So, please Share it with them using the Share button above.
Will you like to get notified when I post new updates? Then Follow me on any of my social media handles: Google News, Telegram, WhatsApp, Twitter, Facebook, Pinterest.
You can also drop your email address below if you wish to be notified by mail.


Tags: Curated, Windows Central

Post navigation

Previous: Previous post: Martian drone project lands $3.1 million grant to test tech over Mars-like Icelandic lava field
Next: Next post: 6 Best Bluetooth Headphones for Making Phone Calls
ad
Follow Me
  • Facebook
  • Twitter
  • Pinterest
  • WhatsApp
Have you seen this?
  • How to Avoid Buying a “Fake” HDMI 2.1 CableHow to Avoid Buying a “Fake” HDMI 2.1 Cable
  • How to extract & decompress BZ2 file in Windows 10
  • How To Install Windows 10 20H2 Update Without USBHow To Install Windows 10 20H2 Update Without USB
  • You need a new Bluetooth travel mouse — these are the best of ’em
  • The Cost of Parmesan Might Go Up, So Grate and Sprinkle While You CanThe Cost of Parmesan Might Go Up, So Grate and Sprinkle While You Can
  • Omegle camera not working on Windows 10 [Easy Fix]
  • Our top picks for JRPGs on Xbox One, Series X and Series S in 2020
  • Xbox Cloud Gaming is being previewed in four new markets next week
  • KB4586830 improves Group Policy and fixes many Windows tools
  • 10 Best Free Adware Removal Tools For Windows in 2021
Get the best tutorials via mail.
ad
July 2022
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031
« May    

Services

  • CryLab
  • Word Counter Tool

Other Info

  • About
  • Disclaimer
  • Subscribe

Favourite Quote

Peaceful people are happy people.

Ezefidelity

©  2022 Ezefidelity. Built using WordPress and the Highlight Theme

%d bloggers like this: