Friday , February 26 2021

In Windows 10, opening a folder can corrupt the file system. Microsoft promised a patch – Živě.cz

Just open the folder and your Windows 10 computer will no longer start. Sounds nonsense? But it is not. However, the folder must have a shortcut, file, or other folder with a special string name. The TechSpot server reports the inconvenience.

This string is being loaded MFT database corruption (Main file table). It saves data from each folder and file to the disk drive with the NTFS file system. The file system internally determines files and directories based on the location of the records in the MFT that mark the beginning of their metadata.

Just open the folder

The danger of the whole situation is mainly that the user is not required to take any action other than opening the folder. Therefore, it does not need to run suspicious files or open malicious attachments from emails. The bug was posted early last week and was the first to fix it pointed out on Twitter security expert Jonas Lykkegård. However, he did not reveal the critical chain itself to prevent its spread and abuse.

Lykkegård identifies the NTFS vulnerability as critical and states that “A particularly malicious vulnerability is triggered by opening a specially crafted name in any folder on the disk. This vulnerability triggers immediate and data corruption.”

Will Dormann, a CERT / CC safety analyst, reviewed and confirmed the following issue. He clarified that the error can also occur when browsing disk images in ISO, VHD, and VHDX formats, ZIP archives, or opening an HTML file.

File system corruption

In some cases, an error results system crash, “blue screen” screen (BSOD) followed by a spontaneous restart of the computer. After a reboot, disk repair begins, but it doesn’t always work, and in some cases, users have to perform a manual repair, which fortunately brings up the file system.

Microsoft is aware of this and responded to The Verge’s question that it was already working on the fix and urged users to be careful. “We are aware of this issue and will provide an update in a future release. Use of this technology depends on social planning, so as always, we encourage our customers to adopt the right practices, including caution when opening or receiving unknown files.”

Dormann is pessimistic about the patch, claiming that two years ago he reported a similar NTFS error that still not fixed. He said he did not release a specific filename that caused the file system to corrupt because he wanted to allow Microsoft to fix the problem.

Source link