Security News > 2021 > January > Windows 10 bug corrupts your hard drive on seeing this file's icon
An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command.
The researcher told BleepingComputer that the flaw became exploitable starting around Windows 10 build 1803, the Windows 10 April 2018 Update, and continues to work in the latest version.
After the drives become corrupted, Windows 10 will generate errors in the Event Log stating that the Master File Table for the particular drive contains a corrupted record.
As observed by BleepingComputer, as soon as this shortcut file is downloaded on a Windows 10 PC, and the user views the folder it is present in, Windows Explorer will attempt to display the file's icon.
To do this, Windows Explorer would attempt to access the crafted icon path inside the file in the background, thereby corrupting the NTFS hard drive in the process.
In some tests, after the Windows 10 chkdsk utility had "Repaired" the hard drive errors on reboot, the contents of the exploit file, in this case, the crafted Windows shortcut with its icon set to C::$i30:$bitmap would be cleared and replaced with empty bytes.
News URL
Related news
- Windows 10 KB5041580 update released with 14 fixes, security updates (source)
- New Windows 10 22H2 beta fixes memory leaks and crashes (source)
- Windows 10 KB5041582 update released with 5 changes and fixes (source)
- Windows 10 KB5043064 update released with 6 fixes, security updates (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Windows 10 KB5043131 update released with 9 changes and fixes (source)