Microsoft says it plans to fix a bizarre Windows 10 bug that could damage a hard drive by simply looking at an icon. Security researcher Jonas L first warned about the bug earlier this week and described it as a ‘nasty vulnerability.’ Attackers can hide a specially designed line in a ZIP file, a folder, or even a simple Windows shortcut. All a Windows 10 user needs to do is extract the ZIP file or simply look at a directory containing a malicious shortcut, which automatically causes hard drive corruption.
Will Dormann, a Vulnerability Analyst at the CERT Coordination Center (CERT / CC), confirmed the findings, and note that there may be more ways to cause NTFS corruption. Dormann also revealed that the vulnerability has existed in Windows 10 for almost three years, and that he reported another NTFS issue two years ago it was still not corrected.
“We are aware of this issue and will provide an update in a future release,” a Microsoft spokesman said in a statement. The edge. “The use of this technique is based on social engineering and, as always, encourages our customers to practice good computer skills online, including being careful when opening unknown files or accepting file transfers.”
Others have found that the vulnerability also occurs when you paste the offending string into a browser in the address bar. Bleeping Computer it too tested the bug in various ways and pointed out that it would prompt Windows 10 users to restart a computer to repair the damaged disk records. The reboot will cause the Windows chkdsk process, which should successfully repair the corruption.
However, the recovery process is not always automatic. Say Dormann it may require manual intervention to successfully repair the damaged disk records. The error also does not require admin privileges to activate the correct or special write conditions. This can make it problematic for IT administrators if chkdsk does not automatically repair the affected chips.