Monday, January 18th 2021

Critical Flaw in Windows 10 Could Corrupt Your Hard Drive

Windows OS security is taken seriously, as the OS is wide-spread across millions of PCs around the world, however, there may be issues where OS has some security flaw that is found by external researchers. Due to the sheer code base of the new OS like Windows 10, there are a plethora of bugs and security flaws waiting to get discovered by someone. And today, thanks to the team of cybersecurity researchers, we have found out that in Windows 10 file-system called NTFS, there is a bug that corrupts your hard drive by simply triggering a specific variable name in a file.

If the end-user inside Windows 10 tries to access the NTFS attribute called "$i30" in a specific way, the flaw is exploited. The NTFS search index attribute, specifically the string "$i30", is containing a list of files and subfolders in a directory, and there is even a log of deleted files and folders. After running a specific command inside the command line (CMD) or inside the browser, Windows will start to display warnings of "File or directory is corrupted and cannot be read". After that, the OS will prompt a user to restart the machine and repair the damaged drive, so the Windows disk check utility will start. Once corrupted, Windows 10 will start displaying a notification indicating that the main file table (MFT) on the particular disk is corrupted and thus can not operate. Starting from the build Windows 10 Build 1803 the OS is vulnerable until the current version and a possible fix is expected to be released soon.
Sources: Jonas L (Twitter), Siam Alam (Twitter), via Security Newspaper
Add your own comment

122 Comments on Critical Flaw in Windows 10 Could Corrupt Your Hard Drive

#2
FreedomEclipse
~Technological Technocrat~
Windows 10 - the gift that keeps on giving.
Posted on Reply
#3
N3utro
Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.
Posted on Reply
#4
TheoneandonlyMrK
N3utro
Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.
It's widely reported the same?!
Posted on Reply
#5
Vayra86
N3utro
Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.
Your.

Shame on you ;)
Posted on Reply
#6
Fouquin
N3utro
Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.
This has been reported on since August 2020. This is not even remotely news. This 'vulnerability' is so incredibly dangerous that chkdsk can just fix it on boot...
Posted on Reply
#7
3rold
ThrashZone
Hi,
Yeah I miss 1709.
same... I hate it that MS force updates the OS even if most of what the new shit we get is useless features.
Posted on Reply
#8
windwhirl
3rold
I hate it that MS force updates the OS even if most of what the new shit we get is useless features.
I don't mind the forced updates much, but I wish they'd invest more money in QA and bug fixing.
Posted on Reply
#9
londiste
This quite definitely does not damage a hard drive.
It corrupts NTFS file system. The degree of that corruption is not clear. It appears that in many or most cases, running chkdsk as prompted will fix the corruption.

There are also some reports saying this can corrupt file system so that chkdsk will fail to fix it and result in bluescreen at boot. At the same time I have seen links to an existing chkdsk issue that reportedly causes these boot failures so it is possible that failure to boot is a combination of the two.
Posted on Reply
#10
lemonadesoda
3rold
same... I hate it that MS force updates the OS even if most of what the new shit we get is useless features.
Yep. I have another unwanted forced update last night.

And YES I have done all the registry policy and O&O shut ups to stop forced update. But somehow, MS, automagically does it anyway.
Posted on Reply
#11
ThrashZone
3rold
same... I hate it that MS force updates the OS even if most of what the new shit we get is useless features.
Hi,
1709 was the best performer benchmark wise.
lemonadesoda
Yep. I have another unwanted forced update last night.

And YES I have done all the registry policy and O&O shut ups to stop forced update. But somehow, MS, automagically does it anyway.
I use update mini tool it hasn't failed me yet.
Posted on Reply
#12
windwhirl
lemonadesoda
Yep. I have another unwanted forced update last night.

And YES I have done all the registry policy and O&O shut ups to stop forced update. But somehow, MS, automagically does it anyway.
Microsoft: "You can not stop what is to come"

Seriously, though, maybe there's some hidden subroutine that verifies that Windows Update is up and running?

Heck, at this point I'm surprised Microsoft hasn't really locked down WU.
Posted on Reply
#13
TheUn4seen
N3utro
Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.
You get really worked up over nothing. First, this was reported many months ago, second, it does nothing. Windows is, at it's core, layers of hastily written and slapped together code, this is just part of NTFS index which gets exposed to everything, including the browser. Laziness on Microsoft's part, yes. Dangerous in itself, not really. Unless you start digging and checking what else is exposed in a similar way...
Posted on Reply
#14
1d10t
I already disable indexing option along with file history. I just don't like 'em.
Posted on Reply
#15
DeathtoGnomes
FreedomEclipse
Windows 10 - the gift that keeps on giving.
I'm sorry I just cannot tell if you are being sarcastic or not, but here let me fix that for you..
Windows 10Microsoft - the gift that keeps on giving.
:D :p :rolleyes:

--
It a good thing to delay updates, althought windows finally added a timed delay, nothing beats an indefinite delay like a good firewall can provide.
Posted on Reply
#16
qubit
Overclocked quantum bit
Damn, this is bad, probably one of the worst, as the potential cost in terms of money and other ways of data loss is huge. Thankfully, this kind of problem is rare.
Posted on Reply
#17
bigdogge
ThrashZone
Hi,
Yeah I miss 1709.
Wasn't 1709 the one with that bug in where file explorer windows would snap to horizontal right when selecting multiple files? Or was it 1709 that fixed that bug whilst simultaneously resetting your default browser to Edge?
Posted on Reply
#18
ThrashZone
bigdogge
Wasn't 1709 the one with that bug in where file explorer windows would snap to horizontal right when selecting multiple files? Or was it 1709 that fixed that bug whilst simultaneously resetting your default browser to Edge?
Hi,
Don't remember those bugs
I just benchmark with 10 and 1709 did it best.
Posted on Reply
#19
laszlo
nice "feature" ... for sure those scam support services will use this... :laugh:
Posted on Reply
#20
AltCapwn
Can I post the command line?

Don't try it on your PC.
Posted on Reply
#21
Vayra86
Oh this is going to be a LOT of fun at work tomorrow.

No I won't.
Probably
Posted on Reply
#22
AltCapwn
Vayra86
Oh this is going to be a LOT of fun at work tomorrow.

No I won't.
Probably
The new gag if someone left its PC unlocked.
Posted on Reply
#23
zlobby
N3utro
Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.
Nah, that's not how progress is made. Besides, if one doesn't have a backup plan for a corrupted drive, one probably deserves a corrupted drive.
Posted on Reply
#24
sam_86314
3rold
same... I hate it that MS force updates the OS even if most of what the new shit we get is useless features.
I use WuMgr and a script I wrote to disable automatic updates.

By default, I have the update services disabled. The script enables them, launches WuMgr, and waits for it to be closed. Then it disables the services again.

Aside from some issues WuMgr has, this solution has been working fine for me.

If only I knew C# so I could take over development on WuMgr...
Posted on Reply
#25
lexluthermiester
N3utro
Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

Your article is basically an invitation for hackers to have fun with this. Shame on you.
Really? So you think hackers who want to exploit this problem are going to look up TechPowerUp for hacking info? Hmmm? :kookoo::slap:

Think about that very carefully while you ponder your next condescending comment. :rolleyes:
Posted on Reply
Add your own comment