According to online sources, a serious zero-day vulnerability was discovered in Windows 10, the exploitation of which allows you to damage the NTFS file system using a one-line command. The issue affects Windows 10 1803 and later versions of the software platform, including the latest Windows 10 20H2.
To exploit the mentioned bug, it is enough to execute a specific command in the Windows 10 command line, after which the NTFS file system will be damaged and the OS will immediately offer to reboot to start the procedure for restoring damaged records.
Worst of all, exploiting this vulnerability does not require administrator rights; the corresponding command can be run even from an account with low privileges. Moreover, the vulnerability is exploited remotely, and the command required to exploit it can be embedded in a Windows shortcut, archive, or some other file.
cd c:\:$i30:$bitmap
One of the variants of the command that damages the NTFS file system in Windows 10
It is noteworthy that the researcher who discovered the problem, Jonas L, first reported it back in August 2020, but even now it remains relevant. He notes that file system corruption occurs when trying to access the NTFS $ i30 attribute in a folder in a certain way. It is unclear why this action results in file system corruption, but a registry key that could be used to diagnose the problem is not working.
The source tested one of the variants of the command that damages the NTFS file system on a virtual machine. Users are strongly discouraged from trying to exploit this vulnerability on real computers.
Microsoft will most likely fix this issue in one of the following updates. Official representatives of the company have not yet commented on this issue.
0 Comments