Published:

Windows 10 NTFS Vulnerability Corrupts Your Hard Drive With A Simple Hidden Command

Microsoft has confirmed the existence of a vulnerability in the Windows 10 NTFS file system that can corrupt hard drive data with a simple hidden command.

The security researcher Jonas L. has already drawn attention to this vulnerability in Windows 10 that has not yet been fixed. According to this, an NTFS file system can be damaged with a simple one-liner via the command prompt or via a prepared file. The command can be executed with simple user rights.

The problem is in one of the attributes used by NTFS to index files and folders that have been deleted — that can be especially useful for retrieval or forensic work.

However, Jonas L has found that if you try to access this attribute from a command terminal, the drive will be corrupted, and stored data can be lost. It is not yet clear why this occurs, but other researchers such as those at BleepingComputer have been able to replicate the same results.

There are two details that make the situation worse. The first is that it is very easy to cause this problem, since it is only necessary to open a terminal and execute the command in question (which we will not publish for safety).

The second problem is that because the command is so basic, you don’t need advanced permissions to run it. Therefore, any program or user connected to the computer can use it, such as an external attacker.

It is enough to open a compressed file, a web page, or a shortcut to execute the command without realizing it and corrupt our storage. It is even possible to create a file with a specific icon, which, when loaded by Windows Explorer, execute the command.

An attacker who wanted to do damage would only have to share a modified file to execute the command in question. Furthermore, the door opens to exploit this vulnerability in other ways and by other vectors.

Windows 10 NTFS vulnerability

Despite this, Microsoft has not yet released a patch to fix this problem, prompting the researcher to publish a new notice, stating that this ‘bug’ is “critically underestimated” because of the damage it can do and how easy it is to be a victim of it.

The good news is that a Microsoft representative has confirmed that the company is aware of this issue and will release an update that will fix it. The bad news that there is still no specific date. Microsoft recommends using caution when opening unknown files or accepting file transfers.

Sabarinath
Sabarinathhttps://techlog360.com
Sabarinath is the tech-savvy founder and Editor-in-Chief of TechLog360. With years of experience in the tech industry and a computer science background, he's an authority on the latest tech news, business insights, and app reviews. Trusted for his expertise and hands-on tips for Android and iOS users, Sabarinath leads TechLog360 with a commitment to accuracy and helpfulness. When not immersed in the digital world, he's exploring new gadgets or sharing knowledge with fellow tech enthusiasts.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More from this stream