Windows 10 harbors a new zero day security flaw. According to our colleagues from the Bleeding Computer site and the computer security researcher Jonas L, this vulnerability allows to corrupt a hard drive formatted in NFTS with a single command line.
Although Microsoft fixed 83 security flaws with the January 2021 patch Tuesday, it seems that a zero day flaw has slipped through the cracks. According to our colleagues at the Bleeding Computer site and information security researcher Jonas L, this vulnerability allows an attacker to corrupt a hard drive formatted in NFTS.
As a reminder, NFTS is a file format used on Windows since Windows XP. It has the advantage of offering many security-related features, such as permission to access files, a change log or even data encryption. In addition, it offers a limitation on the maximum size of files and particularly large partitions: 16 TB max for files and 256 TB for partitions.
Also read: Windows 10 – bug causes random reboots, Microsoft is rolling out a fix
A flaw present since April 2018
Security researcher Jonas L. has been trying to draw Microsoft’s attention to this flaw since August 2020, with no obvious success. When it is exploited, it allows to instantly corrupt a hard drive in NTFS, forcing Windows to restart the PC to repair corrupt files.
According to Jonas L. this flaw has become exploitable since Windows 10 Build 1803 deployed in April 2018 and it has persisted since. The worst part is that this flaw can be exploited by standard user accounts, without elevated privileges. And the icing on the cake, it only takes one command line to use it.
NTFS VULNERABILITY CRITICALITY UNDERESTIMATED
There is a specially nasty vulnerability in NTFS right now.
Triggerable by opening special crafted name in any folder anywhere.’
The vulnerability will instant pop up complaining about yuor harddrive is corrupted when path is opened pic.twitter.com/E0YqHQ369N
– Jonas L (@jonasLyk) January 9, 2021
Bleeding Computer just gave it a try with one of these command lines. For safety, we won’t share it here, but you can find it at the source of this article. After several tests, the Bleeding Computer teams noticed that a simple Windows shortcut file whose location is defined on this command line can trigger the vulnerability. And this without the user opening the file.
According to Jonas L, serious vulnerabilities of this ilk have been known for years and have still not been corrected by Microsoft. Bleeding Computer contacted the manufacturer to find out if they were aware of this flaw and if a fix was on the way. “Microsoft has made a commitment to its customers to investigate reported security issues and we will provide updates for affected devices as soon as possible ”, assured the Redmond firm.
Source : Bleeding Computer
*The article has been translated based on the content of PhonAndroid by www.phonandroid.com. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!