This tiny shortcut can completely crash your Windows 10 device

Any NTFS-formatted hard drive can be corrupted

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A zero-day exploit has been discovered that can crash yourWindows 10device – and, even more worrying, can be delivered inside a seemingly harmless shortcut file. The vulnerability can corrupt any NTFS-formatted hard drive and even be exploited by standard and low privilege user accounts.

Security researcher Jonas Lykkegaard referenced the vulnerability onTwitterlast week and had previously drawn attention to the issue on two previous occasions last year. Despite this, the NTFS vulnerability remains unpatched.

There are various ways to trigger the vulnerability that involve trying to access the $i30 NTFS attribute on a folder in a particular way. One such exploit involves the creation of a Windows shortcut file that has its icon location set to C::$i30:$bitmap.Bleeping Computerfound that this triggered the vulnerability even if users did not attempt to click on the file in question. Windows Explorer’s attempts to access the icon path in the background would be enough to corrupt the NTFS hard drive.

Exploits available

It’s not known why accessing the ‘$i30’ string corrupts the NTFS drive and Lykkegaard has discovered that the registry key that would help get to the bottom of the matter doesn’t work. After the $i30 string has been accessed,Windows 10users will receive an error message, followed by a request asking them to restart their device and repair the corrupted drive.

It has also been discovered that threat actors could exploit this vulnerability by delivering payloads that contain referenced to the $i30 file path. These could include HTML files and ZIP archives, although most browsers would restrict the efficacy of some attacks.

Despite the fact that the NTFS exploit has been known about for some time, there’s no word on whenMicrosoftwill be delivering a patch. A company spokesperson simply restated its commitment to investigating reported security issues.

ViaBleepingComputer

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.

New fanless cooling technology enhances energy efficiency for AI workloads by achieving a 90% reduction in cooling power consumption

Samsung plans record-breaking 400-layer NAND chip that could be key to breaking 200TB barrier for ultra large capacity AI hyperscaler SSDs

NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)