Home https://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/ Technology https://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/ Microsoft is fixing a bug in Windows 10 that could damage NTFS devices

Microsoft is fixing a bug in Windows 10 that could damage NTFS devices



Windows 10

Microsoft has fixed a bug that could allow the threat actor to create specially designed downloads that crash Windows 10 simply by opening the folder where they were downloaded.

In January, we reported a new vulnerability in Windows 10, discovered by Jonas Lykkegård, which allows any user or program, even those with low privileges, to mark an NTFS device as damaged only by accessing a special folder.

Of particular concern is how easy it is to trigger the error. By simply navigating to the folder on the command line, accessing it from the Run: field, opening it from File Explorer, Windows 1

0 will mark the device as dirty and prompt you to restart your computer and start chkdsk, as shown below.

Accessing an NTFS path triggers a failure warning
U
Accessing an NTFS path triggers a failure warning

To make matters worse, threats and pranksters began distributing fake tools, malicious shortcuts, or malware. [1, 2, 3, 4] in Discord and social media, which, when executed, will have access to the folder and trigger the error.

Threatened actors can also use the mistake to force a broken system to hide their activities.

While the error generated by the error stated that the device was damaged, Microsoft clarified that the volume was only marked as dirty and the reboot and chkdsk would quickly mark it as clean.

Unfortunately, in one of our and other people’s tests, chkdsk did not solve the problem and Windows 10 refused to reboot.

Microsoft has fixed the NTFS error

In February, Microsoft quietly began testing the fix on Windows Insider compilations. This week, as part of April 2021, Tuesday, Microsoft finally fixed the vulnerability in all supported versions of Windows 10.

Microsoft classifies this error as a DDoS vulnerability and tracks it as CVE-2021-28312 under the heading “Windows NTFS Denial of Service Vulnerability”.

After installing Tuesday’s updates for Patch this week, BleepingComputer can confirm that the error no longer works, as it will now display an error stating that “Directory name is invalid”, as shown below.

Access to the road no longer means that the device is damaged
Access to the road no longer means that the device is damaged

BleepingComputer strongly recommends that all Windows users install the latest Patch Tuesday security updates. Not only for this vulnerability, but also for the 107 other vulnerabilities removed this month.




Source link