In the middle of last month, it became known that a serious vulnerability was discovered in Windows 10, the exploitation of which leads to damage to the NTFS file system. Now, online sources say that Microsoft has released a corresponding fix, which this week became available to members of the Insider program on the Dev (Early Access) channel.
The danger of this vulnerability is that it does not require administrator rights to exploit it, and it is sufficient to execute a one-line command on the command line. These actions will damage the NTFS file system, and the user will see a message about the need to restart the operating system to start the recovery process. In addition, the command required to exploit the vulnerability can be embedded by cybercriminals into a shortcut, executable file, or archive.
During the reboot, the chkdsk utility is launched to find and fix file system errors. Microsoft said the exploitation of the vulnerability does not damage the disk and the use of the chkdsk utility corrects the situation. However, the source notes that the check fails to restore the file system and after the chkdsk utility completes, Windows still does not load.
Microsoft was supposed to release a fix for this vulnerability along with the February security patch as part of the Patch Tuesday program, but this did not happen. This week, an undocumented fix was added to Windows 10 Build 21322, which is available to members of the Microsoft Insider Program. When attempting to exploit a vulnerability in this OS assembly, the message "Invalid directory name" appears and the operating system does not mark the NTFS volume as damaged. It is not yet known when the fix may become publicly available.
0 Comments