A zero-day exploit has been discovered that can crash your Windows 10 device – and, even more worrying, can be delivered inside a seemingly harmless shortcut file. The vulnerability can corrupt any NTFS-formatted hard drive and even be exploited by standard and low privilege user accounts.
Security researcher Jonas Lykkegaard referenced the vulnerability on Twitter last week and had previously drawn attention to the issue on two previous occasions last year. Despite this, the NTFS vulnerability remains unpatched.
There are various ways to trigger the vulnerability that involve trying to access the $i30 NTFS attribute on a folder in a particular way. One such exploit involves the creation of a Windows shortcut file that has its icon location set to C:\:$i30:$bitmap. Bleeping Computer found that this triggered the vulnerability even if users did not attempt to click on the file in question. Windows Explorer’s attempts to access the icon path in the background would be enough to corrupt the NTFS hard drive.
- Keep your devices virus-free with the best malware removal software
- These are some of the best identity theft protection providers
- Check out our roundup of the best endpoint protection software
It’s not known why accessing the '$i30' string corrupts the NTFS drive and Lykkegaard has discovered that the registry key that would help get to the bottom of the matter doesn’t work. After the $i30 string has been accessed, Windows 10 users will receive an error message, followed by a request asking them to restart their device and repair the corrupted drive.
It has also been discovered that threat actors could exploit this vulnerability by delivering payloads that contain referenced to the $i30 file path. These could include HTML files and ZIP archives, although most browsers would restrict the efficacy of some attacks.
Despite the fact that the NTFS exploit has been known about for some time, there’s no word on when Microsoft will be delivering a patch. A company spokesperson simply restated its commitment to investigating reported security issues.
- We've also highlighted the best antivirus software around
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.