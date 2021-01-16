- Advertisement -

Microsoft says it is planning to fix a strange bug found in Windows 10. This bug could damage a hard drive just by opening an icon. The security researcher, Jonas L, warned for the first time about the bug earlier this week, describing it as a “nasty vulnerability.”

A shortcut can ruin your hard drive

Attackers can hide a specially crafted line within a ZIP file, folder, or even a simple Windows shortcut. All a Windows 10 user needs to do is extract the ZIP file or just look at a folder that contains malicious shortcut and it will automatically trigger hard drive corruption.

Will Dormann, Vulnerability Analyst at the CERT Coordination Center (CERT / CC), confirmed the findings, and points out that there could be more ways to trigger NTFS corruption. Dormann also revealed that the vulnerability has existed in Windows 10 for almost three years, with hardly anyone noticing this error, and that reported another NTFS issue It has not been fixed for two years.

Windows is already working to fix this problem

“We are aware of this issue and will provide an update in a future release,” says a Microsoft spokesperson in a statement to the technology web portal The Verge. “The use of this technique is based on social engineering and as always we encourage our clients to practice good online computing habits, including exercising caution when opening unknown files, or accepting file transfers.”

Other developers have found that the vulnerability also occurs if the user simply copies and pastes the address of the malware shortcut into the address bar of a browser. Bleeping Computer has also tested the bug in a number of different ways, noting that will ask Windows 10 users to restart a PC to repair corrupted disk registries. The reboot will trigger the Windows “chkdsk” process, which should properly repair the corruption.

However, the repair process is not always automatic. Dormann says which may require manual intervention to successfully repair corrupted disk registries. The bug also doesn’t require administrator rights to trigger or special write permissions. This could make it more troublesome for IT administrators if the “chkdsk” process does not automatically repair the affected drives.