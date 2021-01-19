- Advertisement -

- Advertisement -

- Advertisement -

- Advertisement -

A new vulnerability has reappeared in Windows 10. A flaw related to the Windows NTFS file system that can allow a malicious attacker to compromise the integrity of our team using just a command line.

A flaw discovered by the security researcher Jonas L, which has revealed the existence of a vulnerability in the Windows NTFS file system. This security breach may cause that, with a simple single line command, the hard disk of our equipment can be corrupted.

Single command

The important flaw, since the command used can be easily camouflaged in different types of files, even a compressed zip type. This case is especially sensitive, since for the attack to start we don’t even have to open the file. Just check the contents of the folder for the command to start.

The user does not have to open the file. Just open the folder where the file is

This security breach can also be executed by any user with access to our equipment, without being a requirement that you have administrator privileges on Windows 10 or have any other privilege. Also, the file can be found inside any folder on the system.

NTFS VULNERABILITY CRITICALITY UNDERESTIMATED

–

There is a specially nasty vulnerability in NTFS right now.

Triggerable by opening special crafted name in any folder anywhere. ‘

The vulnerability will instant pop up complaining about yuor harddrive is corrupted when path is opened pic.twitter.com/E0YqHQ369N – Jonas L (@jonasLyk) January 9, 2021

Once it goes into action, the operating system begins to display messages on the screen indicating that disk data has been corrupted and it will ask for a reboot to repair it. This leads to the hard drive getting corrupted and can lead to data loss.

When the disk becomes corrupted, Windows 10 generates errors in the Event Log that the Master File Table (MFT) contains a corrupted registry. Further, the user does not need to have physical accessThe vulnerability can also be run remotely if it is activated by any type of service that allows opening files with specific names.

Jonas L, the discoverer of the threat, explained in your Twitter account what this bug appreciated with Windows 10 1803 (Windows 10 April 2018 Update) and is present today in the most recent version of the system. In the meantime, they claim to be investigating any reported security issues and will offer updates on compromised computers as soon as possible.

Via | BleepingComputer