Monday, January 18th 2021
Critical Flaw in Windows 10 Could Corrupt Your Hard Drive
Windows OS security is taken seriously, as the OS is wide-spread across millions of PCs around the world, however, there may be issues where OS has some security flaw that is found by external researchers. Due to the sheer code base of the new OS like Windows 10, there are a plethora of bugs and security flaws waiting to get discovered by someone. And today, thanks to the team of cybersecurity researchers, we have found out that in Windows 10 file-system called NTFS, there is a bug that corrupts your hard drive by simply triggering a specific variable name in a file.
If the end-user inside Windows 10 tries to access the NTFS attribute called "$i30" in a specific way, the flaw is exploited. The NTFS search index attribute, specifically the string "$i30", is containing a list of files and subfolders in a directory, and there is even a log of deleted files and folders. After running a specific command inside the command line (CMD) or inside the browser, Windows will start to display warnings of "File or directory is corrupted and cannot be read". After that, the OS will prompt a user to restart the machine and repair the damaged drive, so the Windows disk check utility will start. Once corrupted, Windows 10 will start displaying a notification indicating that the main file table (MFT) on the particular disk is corrupted and thus can not operate. Starting from the build Windows 10 Build 1803 the OS is vulnerable until the current version and a possible fix is expected to be released soon.
Sources:
Jonas L (Twitter), Siam Alam (Twitter), via Security Newspaper
If the end-user inside Windows 10 tries to access the NTFS attribute called "$i30" in a specific way, the flaw is exploited. The NTFS search index attribute, specifically the string "$i30", is containing a list of files and subfolders in a directory, and there is even a log of deleted files and folders. After running a specific command inside the command line (CMD) or inside the browser, Windows will start to display warnings of "File or directory is corrupted and cannot be read". After that, the OS will prompt a user to restart the machine and repair the damaged drive, so the Windows disk check utility will start. Once corrupted, Windows 10 will start displaying a notification indicating that the main file table (MFT) on the particular disk is corrupted and thus can not operate. Starting from the build Windows 10 Build 1803 the OS is vulnerable until the current version and a possible fix is expected to be released soon.
124 Comments on Critical Flaw in Windows 10 Could Corrupt Your Hard Drive
If you guys must know, I have a TV series set that is really old and the DVD set is experiencing bit-rot. Some of the disks are physically delaminating. Needless to say, I have all the disks ripped to ISO files on my drives and store them in multiple locations with manually created SHA512 checksums.
It'll take time. It took A REAL LONG TIME for 2000 to get there. I don't think XP is even there yet. But it'll happen, because software isn't perfect. As I said, I doubt it'll be a real issue because by then, the install base will be gone. We hope anyways.It's fast and has low cpu cycles, but it's largerly from IBM datacenter land and doesn't care if you lose power, screw you in that situation lol. You also should be using ECC according to them. Yeah. Old school IBM exec logic... lol.
NTFS as far as a filesystem has it's lineage in HPFS from OS/2. It's a very old design. That doesn't mean it's bad though. It's decently vetted and proven. But Microsoft is aware it is aging, and is working on a replacement already. That's why I mentioned ReFS. It's already available in Server, but it doesn't support extended attributes yet, so you can't install to it.
Regardless, I basically agree with you.In the same sense that FAT32 doesn't need replacement, yes (I'm aware they are not in the same league but they both fill roles, so bear with me). See, it's good at what it does but having a newer flashier "heir to the throne" would not hurt the PR people. That's what MS is after, honestly. ReFS is slowly being retrofitted for that, I feel.
Not impossible, but pretty far out.
So we both have points here.
I think it's the last one Bill Gates actually had lines of code in too. Makes me wonder how competent he really was...
I do agree, though. I would go even further and say XP before SP2 was garbage.
First go to Services and shut off Windows Update and disable it. Refresh Services to make sure it isn't running.
Now navigate to \windows\system32\ and find files wuaueng.dll and wuauclt.exe. If you can find the former, then look for wuauserv.dll.
For each, go to properties, security, advanced.
Click change owner and type in your user name, Click Check Names to select your user name and Click ok. Then Click Apply or Ok on the main window and close it and reopen it.
Now, you can change permissions for all users.
Delete/Remove permissions from all users and Click Ok.
If that doesn't work, then change owner to Administrator, close the window and try again.
That's it.
To re-enable, add "Read/Execute" permissions to System on wuaueng.dll or whichever dll you have. Doesn't need it on wuauclt.exe for some reason.
Please tell me what i am doing wrong. Look, the screenshot shows that "Disable Automatic Update" was ALREADY set. But guess what, Windows autoupdates, auto reboots. Can you lot even begin to understand my frustration!