Monday, January 18th 2021
Critical Flaw in Windows 10 Could Corrupt Your Hard Drive
Windows OS security is taken seriously, as the OS is wide-spread across millions of PCs around the world, however, there may be issues where OS has some security flaw that is found by external researchers. Due to the sheer code base of the new OS like Windows 10, there are a plethora of bugs and security flaws waiting to get discovered by someone. And today, thanks to the team of cybersecurity researchers, we have found out that in Windows 10 file-system called NTFS, there is a bug that corrupts your hard drive by simply triggering a specific variable name in a file.
If the end-user inside Windows 10 tries to access the NTFS attribute called "$i30" in a specific way, the flaw is exploited. The NTFS search index attribute, specifically the string "$i30", is containing a list of files and subfolders in a directory, and there is even a log of deleted files and folders. After running a specific command inside the command line (CMD) or inside the browser, Windows will start to display warnings of "File or directory is corrupted and cannot be read". After that, the OS will prompt a user to restart the machine and repair the damaged drive, so the Windows disk check utility will start. Once corrupted, Windows 10 will start displaying a notification indicating that the main file table (MFT) on the particular disk is corrupted and thus can not operate. Starting from the build Windows 10 Build 1803 the OS is vulnerable until the current version and a possible fix is expected to be released soon.
Sources:
Jonas L (Twitter), Siam Alam (Twitter), via Security Newspaper
If the end-user inside Windows 10 tries to access the NTFS attribute called "$i30" in a specific way, the flaw is exploited. The NTFS search index attribute, specifically the string "$i30", is containing a list of files and subfolders in a directory, and there is even a log of deleted files and folders. After running a specific command inside the command line (CMD) or inside the browser, Windows will start to display warnings of "File or directory is corrupted and cannot be read". After that, the OS will prompt a user to restart the machine and repair the damaged drive, so the Windows disk check utility will start. Once corrupted, Windows 10 will start displaying a notification indicating that the main file table (MFT) on the particular disk is corrupted and thus can not operate. Starting from the build Windows 10 Build 1803 the OS is vulnerable until the current version and a possible fix is expected to be released soon.
124 Comments on Critical Flaw in Windows 10 Could Corrupt Your Hard Drive
Yeah I miss 1709.
You're article is basically an invitation for hackers to have fun with this. Shame on you.
Shame on you ;)
It corrupts NTFS file system. The degree of that corruption is not clear. It appears that in many or most cases, running chkdsk as prompted will fix the corruption.
There are also some reports saying this can corrupt file system so that chkdsk will fail to fix it and result in bluescreen at boot. At the same time I have seen links to an existing chkdsk issue that reportedly causes these boot failures so it is possible that failure to boot is a combination of the two.
And YES I have done all the registry policy and O&O shut ups to stop forced update. But somehow, MS, automagically does it anyway.
1709 was the best performer benchmark wise.I use update mini tool it hasn't failed me yet.
Seriously, though, maybe there's some hidden subroutine that verifies that Windows Update is up and running?
Heck, at this point I'm surprised Microsoft hasn't really locked down WU.
--
It a good thing to delay updates, althought windows finally added a timed delay, nothing beats an indefinite delay like a good firewall can provide.
Don't remember those bugs
I just benchmark with 10 and 1709 did it best.
Don't try it on your PC.
No I won't.
Probably
By default, I have the update services disabled. The script enables them, launches WuMgr, and waits for it to be closed. Then it disables the services again.
Aside from some issues WuMgr has, this solution has been working fine for me.
If only I knew C# so I could take over development on WuMgr...
Think about that very carefully while you ponder your next condescending comment. :rolleyes: