Security researchers have warned about a Windows 10 bug that can cause major damage to your hard drive, and all it takes is to look at a folder it's hiding in. Much like Medusa from Greek mythology, it can turn your hard drive to stone — or in realistic terms, corrupt it.
Posted by security researcher Jonas L, it's described as a "critically underestimated" NTFS (NT File System storing and retrieving files on a hard disk) vulnerability. He states it's triggered when a "specially crafted" line of code is placed in any folder, or desktop icon, and is then simply opened or looked at. Users will then get a pop-up message stating there is something wrong with the hard drive.
Affected users will then be asked to reboot their PCs to repair disk errors and the hard drive.
- Check out how to use Windows 10
- Here's how to make a GIF on Windows 10
- Here's a first look at Microsoft's new Windows 10X OS
NTFS VULNERABILITY CRITICALITY UNDERESTIMATED-There is a specially nasty vulnerability in NTFS right now.Triggerable by opening special crafted name in any folder anywhere.'The vulnerability will instant pop up complaining about yuor harddrive is corrupted when path is opened pic.twitter.com/E0YqHQ369NJanuary 9, 2021
What's more, the line could be placed in a ZIP folder, and once extracted, it can immediately corrupt your hard drive. Apparently, the researcher told Bleeping Computer that the problem had been around since the Windows 10 April 2018 update. Yikes.
Vulnerability analyst Will Dormann later proved the Windows 10 bug, listing other potential threats including opening an ISO, VHD, or VHDX, opening an HTML file without a MoTW, and "probably more..."
Nice find by @jonasLyk :cd
Result: NTFS corruptionOther vectors: - Open an ISO, VHD, or VHDX- Extract a ZIP file- Open an HTML file without a MoTW- Probably more... pic.twitter.com/LY18Lo3J3mJanuary 9, 2021
Talking to The Verge, Microsoft stated that it is aware of the issue, and will push out an update to fix the bug in the future.
“We are aware of this issue and will provide an update in a future release,” a Microsoft spokesperson told The Verge. “The use of this technique relies on social engineering and as always we encourage our customers to practice good computing habits online, including exercising caution when opening unknown files, or accepting file transfers.”
Microsoft also told Bleeping Computer that it will provide updates for impacted devices as soon as possible. Until it does, be wary about opening unknown folders or extracting ZIP files, as it may be your hard drive's last time doing so.
Stay in the know with Laptop Mag
Get our in-depth reviews, helpful tips, great deals, and the biggest news stories delivered to your inbox.
Darragh Murphy is fascinated by all things bizarre, which usually leads to assorted coverage varying from washing machines designed for AirPods to the mischievous world of cyberattacks. Whether it's connecting Scar from The Lion King to two-factor authentication or turning his love for gadgets into a fabricated rap battle from 8 Mile, he believes there’s always a quirky spin to be made. With a Master’s degree in Magazine Journalism from The University of Sheffield, along with short stints at Kerrang! and Exposed Magazine, Darragh started his career writing about the tech industry at Time Out Dubai and ShortList Dubai, covering everything from the latest iPhone models and Huawei laptops to massive Esports events in the Middle East. Now, he can be found proudly diving into gaming, gadgets, and letting readers know the joys of docking stations for Laptop Mag.