Critical Flaw in Windows 10 Could Corrupt Your Hard Drive

[AleksandarK]

Windows OS security is taken seriously, as the OS is wide-spread across millions of PCs around the world, however, there may be issues where OS has some security flaw that is found by external researchers. Due to the sheer code base of the new OS like Windows 10, there are a plethora of bugs and security flaws waiting to get discovered by someone. And today, thanks to the team of cybersecurity researchers, we have found out that in Windows 10 file-system called NTFS, there is a bug that corrupts your hard drive by simply triggering a specific variable name in a file.

If the end-user inside Windows 10 tries to access the NTFS attribute called "$i30" in a specific way, the flaw is exploited. The NTFS search index attribute, specifically the string "$i30", is containing a list of files and subfolders in a directory, and there is even a log of deleted files and folders. After running a specific command inside the command line (CMD) or inside the browser, Windows will start to display warnings of "File or directory is corrupted and cannot be read". After that, the OS will prompt a user to restart the machine and repair the damaged drive, so the Windows disk check utility will start. Once corrupted, Windows 10 will start displaying a notification indicating that the main file table (MFT) on the particular disk is corrupted and thus can not operate. Starting from the build Windows 10 Build 1803 the OS is vulnerable until the current version and a possible fix is expected to be released soon.


View at TechPowerUp Main Site

 

[ThrashZone]

Hi,
Yeah I miss 1709.

 

[FreedomEclipse]

Windows 10 - the gift that keeps on giving.

 

[N3utro]

Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.

 

[TheoneandonlyMrK]

Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.

It's widely reported the same?!

 

[Vayra86]

Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.

Your.

Shame on you

 

[Fouquin]

Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.

This has been reported on since August 2020. This is not even remotely news. This 'vulnerability' is so incredibly dangerous that chkdsk can just fix it on boot...

 

[wurschti]

Hi,
Yeah I miss 1709.

same... I hate it that MS force updates the OS even if most of what the new shit we get is useless features.

 

[windwhirl]

I hate it that MS force updates the OS even if most of what the new shit we get is useless features.

I don't mind the forced updates much, but I wish they'd invest more money in QA and bug fixing.

 

[londiste]

This quite definitely does not damage a hard drive.
It corrupts NTFS file system. The degree of that corruption is not clear. It appears that in many or most cases, running chkdsk as prompted will fix the corruption.

There are also some reports saying this can corrupt file system so that chkdsk will fail to fix it and result in bluescreen at boot. At the same time I have seen links to an existing chkdsk issue that reportedly causes these boot failures so it is possible that failure to boot is a combination of the two.

 

[lemonadesoda]

same... I hate it that MS force updates the OS even if most of what the new shit we get is useless features.

Yep. I have another unwanted forced update last night.

And YES I have done all the registry policy and O&O shut ups to stop forced update. But somehow, MS, automagically does it anyway.

 

[ThrashZone]

same... I hate it that MS force updates the OS even if most of what the new shit we get is useless features.

Hi,
1709 was the best performer benchmark wise.

Yep. I have another unwanted forced update last night.

And YES I have done all the registry policy and O&O shut ups to stop forced update. But somehow, MS, automagically does it anyway.

I use update mini tool it hasn't failed me yet.

 

[windwhirl]

Yep. I have another unwanted forced update last night.

And YES I have done all the registry policy and O&O shut ups to stop forced update. But somehow, MS, automagically does it anyway.

Microsoft: "You can not stop what is to come"

Seriously, though, maybe there's some hidden subroutine that verifies that Windows Update is up and running?

Heck, at this point I'm surprised Microsoft hasn't really locked down WU.

 

[TheUn4seen]

Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.

You get really worked up over nothing. First, this was reported many months ago, second, it does nothing. Windows is, at it's core, layers of hastily written and slapped together code, this is just part of NTFS index which gets exposed to everything, including the browser. Laziness on Microsoft's part, yes. Dangerous in itself, not really. Unless you start digging and checking what else is exposed in a similar way...

 

[1d10t]

I already disable indexing option along with file history. I just don't like 'em.

 

[DeathtoGnomes]

Windows 10 - the gift that keeps on giving.

I'm sorry I just cannot tell if you are being sarcastic or not, but here let me fix that for you..

Windows 10Microsoft - the gift that keeps on giving.

--
It a good thing to delay updates, althought windows finally added a timed delay, nothing beats an indefinite delay like a good firewall can provide.

 

[qubit]

Damn, this is bad, probably one of the worst, as the potential cost in terms of money and other ways of data loss is huge. Thankfully, this kind of problem is rare.

 

[bigdogge]

Hi,
Yeah I miss 1709.

Wasn't 1709 the one with that bug in where file explorer windows would snap to horizontal right when selecting multiple files? Or was it 1709 that fixed that bug whilst simultaneously resetting your default browser to Edge?

 

[ThrashZone]

Wasn't 1709 the one with that bug in where file explorer windows would snap to horizontal right when selecting multiple files? Or was it 1709 that fixed that bug whilst simultaneously resetting your default browser to Edge?

Hi,
Don't remember those bugs
I just benchmark with 10 and 1709 did it best.

 

[laszlo]

nice "feature" ... for sure those scam support services will use this...

 

[AltCapwn]

Can I post the command line?

Don't try it on your PC.

 

[Vayra86]

Oh this is going to be a LOT of fun at work tomorrow.

No I won't.
Probably

 

[AltCapwn]

Oh this is going to be a LOT of fun at work tomorrow.

No I won't.
Probably

The new gag if someone left its PC unlocked.

 

[zlobby]

Instead of giving specific details of a 0day problem that could lead to some people exploiting it, you could just be more vague and wait for a fix.

You're article is basically an invitation for hackers to have fun with this. Shame on you.

Nah, that's not how progress is made. Besides, if one doesn't have a backup plan for a corrupted drive, one probably deserves a corrupted drive.

 

[sam_86314]

same... I hate it that MS force updates the OS even if most of what the new shit we get is useless features.

I use WuMgr and a script I wrote to disable automatic updates.

By default, I have the update services disabled. The script enables them, launches WuMgr, and waits for it to be closed. Then it disables the services again.

Aside from some issues WuMgr has, this solution has been working fine for me.

If only I knew C# so I could take over development on WuMgr...