A bug affecting NTFS drives reboots the machine and forces the user to sit through a long maintenance cycle.
Pranksters have something to celebrate again. Computer scientist Jonas Lyk has revealed a bug in Windows that lets anyone crash the system with a simple file path, in this case “c: : $ i30: $ bitmap”. When Windows encounters this string, it concludes that its NTFS system disk is corrupted and prompts the user to restart the machine. Long minutes of maintenance follow, after which Windows finally comes back to life.
NTFS VULNERABILITY CRITICALITY UNDERESTIMATED - There is a specially nasty vulnerability in NTFS right now. Triggerable by opening special crafted name in any folder anywhere. The vulnerability will instant pop up complaining about your harddrive is corrupted when path is opened pic.twitter.com/E0YqHQ369N
– Jonas L (@jonasLyk) January 9, 2021
The site Bleeping Computer has tested several ways to exploit this flaw. One effective technique is to create a bogus Windows shortcut whose icon location is set to the file path in question. As soon as the shortcut appears on screen, Windows tries to load the icon and… crashes.
And getting such a file onto a victim’s machine could not be simpler: it just has to be tucked into a ZIP archive, for example. At each extraction, the system will ask to restart. In short, be careful what you download from the Web, because the “script kiddies” have already taken action. On Microsoft’s side, no patch is planned to date.
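A defender-side check for the ZIP delivery route described above, as an added example that is not from the article or from Bleeping Computer: it inspects an archive in memory, before extraction, for the path's NTFS attribute reference in both ASCII and UTF-16LE (the encoding Windows shortcuts commonly use for strings). The marker is the article's string with its spaces removed, which is an assumption, and all function names are hypothetical.

```python
import io
import zipfile

# Assumption: the article's string with its spaces removed; only the NTFS
# attribute reference is matched, so any drive or folder prefix is covered.
MARKER = ":$i30:$bitmap"

def contains_marker(data: bytes) -> bool:
    """Case-insensitive search in ASCII and UTF-16LE (common in .lnk files)."""
    lowered = data.lower()  # bytes.lower() folds ASCII letters only
    needles = (MARKER.encode("ascii"), MARKER.encode("utf-16-le"))
    return any(n in lowered for n in needles)

def scan_zip(source, max_member_bytes: int = 8 * 1024 * 1024):
    """Inspect a ZIP without extracting it to disk.

    source: path, file object, or raw bytes of the archive.
    Returns a list of (member name, reason) for suspicious entries.
    """
    if isinstance(source, (bytes, bytearray)):
        source = io.BytesIO(source)
    findings = []
    with zipfile.ZipFile(source) as zf:
        for info in zf.infolist():
            if contains_marker(info.filename.encode("utf-8", "replace")):
                findings.append((info.filename, "marker in member name"))
            elif not info.is_dir():
                with zf.open(info) as fh:
                    head = fh.read(max_member_bytes)  # bounded read per member
                if contains_marker(head):
                    findings.append((info.filename, "marker in member content"))
    return findings

def build_sample_zip() -> bytes:
    """Constructed sample: one benign file and two inert files carrying the marker."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "nothing to see here")
        zf.writestr("docs/report.lnk", b"stub" + MARKER.upper().encode("utf-16-le"))
        zf.writestr("link.url", "[InternetShortcut]\nIconFile=stub" + MARKER + "\n")
    return buf.getvalue()

if __name__ == "__main__":
    for name, reason in scan_zip(build_sample_zip()):
        print(f"{name}: {reason}")
```

The scan only matches bytes and never opens the path it finds, so it can run on a mail gateway or download filter before any file reaches a Windows desktop.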
Source: Bleeping Computer