Tracked as CVE-2021-28312, the vulnerability has reportedly been classified as a distributed denial of services (DDoS) flaw.
We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.
- We’ve also rounded up the best ransomware protection tools
- These are some of the best endpoint protection software
- Here's our choice of the best malware removal software on the market
Security researcher Jonas Lykkegård first discovered the zero-day bug in Windows 10 all the way back in August 2020. It is said to allow users and programs, even those with low privileges, to mark an NTFS disk drive as corrupt just by accessing the special folder.
Easy to trigger
Lykkegård told BleepingComputer that the flaw became exploitable probably with Windows 10 build 1803, released in April 2018.
Worryingly, the bug was relatively easy to trigger. Before the migitation, simply changing into the specially crafted folder, either via the command prompt, from the file manager, or via any other means would cause Windows 10 to mark the drive as dirty. The user would then be prompted to reboot their computer and run chkdsk, which would in turn fail to mark it as clean and prevent the device from booting up.
Unsurprisingly, several malicious apps quickly began circulating on Discord and other social media that exploited the vulnerability to render Windows 10 installations useless.
However, BleepingComputer has confirmed the bug has been successfully mitigated with the latest update.
- Protect your devices with these best antivirus software
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.