Serious bug in Windows 10 could damage your hard drive if you open a folder

A security researcher has revealed details of a bug that could lead to an NTFS hard drive that corrupts Windows 10, as well as Windows XP that is not supported. What makes the error so serious and unusual is that it can be activated without the user having to open a file.

The bug – which appears to exist for about three years – can damage a hard drive if the user simply sees the contents of a folder containing a specially crafted file. Although Microsoft is aware of the issue that affects the $ i30 NTFS feature, there is still some work to be done.

See also:

Jonas L, who writes on Twitter, explains: ‘There is currently a very nasty vulnerability in NTFS. You can enable it by opening a specially crafted name in any folder anywhere. The vulnerability will immediately appear and complain about your hard drive being damaged when the road is opened ‘.

The vulnerability can be activated remotely if there is any service that allows the files of specific names to be opened.
It can be embedded in HTML, cut folders, etc.
So far only chkdsk has been on boot, but now the MFT is corrupt

– Jonas L (@jonasLyk) 9 January 2021

So, how does the error work?

As Bleeping Computer explains – complete with an appropriate warning – to execute the command cd: c: : $ i30: $ bitmap will destroy a drive (hence do not do it!). But there are actually different ways in which hard disk corruption can be caused; the most worrying is the method that requires someone to simply view the contents of the folder. The vulnerability could be exploited even on user accounts that do not have administrator privileges.

Jonas also found that if a shortcut file was created with the location of the icon on C: : $ i30: $ bitmap, it’s just enough to open the folder with the file, to damage a disk. There are, of course, various ways in which such a malicious shortcut can be implanted on a computer, and can mislead a user into opening the table of contents.

Another security researcher, Siam Alam, has shown another way to crack down on corruption:

Microsoft is currently working on a solution. In a statement given to the Verge, the company said: “We are aware of this issue and will provide an update in a future version. The use of this technique is based on social engineering and as always we encourage ourselves customers to practice good computer habits online, including being careful when opening unknown files or accepting file transfers “.

Image Credit: David Carillet / Shutterstock