Microsoft says it plans to fix a strange bug in Windows 10 that could damage the hard drive just by looking at an icon. Security researcher Jonas L first warned of the error earlier this week, describing it as a “nasty vulnerability.” Attackers can hide a custom line in a ZIP file, folder, or even a simple Windows shortcut. All a Windows 10 user has to do is extract the ZIP file or just look at a folder that contains a malicious shortcut, and this will automatically cause hard drive corruption.
Will Dorman, a vulnerability analyst at the CERT Coordination Center (CERT / CC), confirmed the findings and noted that there could be more ways to trigger NTFS corruption. Dorman also revealed that the vulnerability has existed in Windows 1
“We are aware of this issue and will provide an update in a future release,” a Microsoft spokesman said in a statement to On the edge. “Using this technique relies on social engineering and, as always, encourages our customers to practice good computer habits online, including being careful when opening unknown files or accepting file transfers.”
Others have found that the vulnerability also occurs if you simply place the infringing string in the browser’s address bar. Bleeping Computer also has tests the error in a variety of ways and notes that it will cause Windows 10 users to restart a computer to repair damaged disk records. Restarting will trigger the Windows chkdsk process, which should successfully repair the failure.
The repair process is not always automatic. Dorman says manual intervention may be needed to successfully repair damaged discs. The error also does not require administrator trigger rights or special write permissions. This can make it more problematic for IT administrators if chkdsk fails to automatically repair affected devices.