Security News > 2021 > January > Windows 10 bug corrupts your hard drive on seeing this file's icon
An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command.
The researcher told BleepingComputer that the flaw became exploitable starting around Windows 10 build 1803, the Windows 10 April 2018 Update, and continues to work in the latest version.
After the drives become corrupted, Windows 10 will generate errors in the Event Log stating that the Master File Table for the particular drive contains a corrupted record.
As observed by BleepingComputer, as soon as this shortcut file is downloaded on a Windows 10 PC, and the user views the folder it is present in, Windows Explorer will attempt to display the file's icon.
To do this, Windows Explorer would attempt to access the crafted icon path inside the file in the background, thereby corrupting the NTFS hard drive in the process.
In some tests, after the Windows 10 chkdsk utility had "Repaired" the hard drive errors on reboot, the contents of the exploit file, in this case, the crafted Windows shortcut with its icon set to C::$i30:$bitmap would be cleared and replaced with empty bytes.
News URL
Related news
- Windows 10 KB5044273 update released with 9 fixes, security updates (source)
- Windows 10 KB5045594 update fixes multi-function printer bugs (source)
- Microsoft fixes Windows 10 bug causing apps to stop working (source)
- Windows 10 KB5046613 update released with fixes for printer bugs (source)
- Microsoft just killed the Windows 10 Beta Channel again (source)
- Microsoft just killed the Windows 10 Beta Channel for good (source)
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)
- Windows 10 KB5046714 update fixes bug preventing app uninstalls (source)
- New Windows 10 0x80073CFA fix requires installing WinAppSDK 3 times (source)