This Windows 10 NTFS error can immediately damage your hard drives

Image: Reddit / Is_It_Me_or_Not

Microsoft released a number of bugs earlier this week through the annual first update of Patch Tuesday, but it appears that a bug that has not been used for a long time has yet to be addressed. According to @jonasLyk, a short, single-line command delivered by a specially crafted file can damage any Windows 10 NTFS formatted hard drive.

The command is delivered by means of a zip, shortcut, HTML or other vectors, and it causes the hard disk error which damages the file system index without even requiring administrative privileges.

New RS_PRERELEASE Build 21292 is available with a lot of fixes and an improvement to the privacy settings

Windows 10 NTFS Vulnerability Critically Underestimated

Jonas says that this Windows 10 bug is not new and that it has been around since the release of Windows 10 April 2018 Update, and that it can also be used on the latest versions. BleepingComputer shared that the problematic assignment includes $ i30 string, a Windows NTFS index attribute associated with directories.

NTFS VULNERABILITY CRITICISM UNDERESTIMATED
–
There is currently a very nasty vulnerability in NTFS.
Activable by opening specially crafted name in any folder anywhere. ‘
The vulnerability will immediately appear and complain that your hard drive is damaged when the road is opened pic.twitter.com/E0YqHQ369N

– Jonas L (@jonasLyk) 9 January 2021

After the command is executed, Windows 10 prompts you to restart the device and repair the damaged disk. Apparently, the effects on some Windows XP versions and similar NTFS errors have been known for years, but have not yet been addressed by the Windows manufacturer.

Nice find by @jonasLyk :
cd

Result: NTFS corruption
Other vectors:
– Open an ISO, VHD or VHDX
– Extract a zip file
– Open an HTML file without a MoTW
– Probably more … pic.twitter.com/LY18Lo3J3m

– Will Dormann (@wdormann) 9 January 2021

It remains unclear why the string causes corruption on the hard drive. In response to the report, Microsoft said that “the use of this technique depends on social engineering and, as always, we encourage our customers to practice good computer habits online, including being careful when opening unknown files or accepting file transfers. “

January 2021 KB4598242 Patch Tuesday Update is live for Windows 10 versions 20H2 and 2004

However, at least one example Jonas shared with BP confirms that a user does not even have to open the file when using a Windows shortcut file (.url) with the location of the C: : $ i30 icon: $ bitmap. to cause the vulnerability. Microsoft said it would “provide updates for affected devices as soon as possible”, and hopefully there will eventually be a solution to this stream of NTFS errors.

– More details on this at BP