Microsoft has finally fixed a vulnerability in Windows 10 (opens in new tab) that could potentially enable threat actors to crash the operating system simply by opening a specially crafted folder.
According to reports, Microsoft initially patched the bug in Windows Insider builds in February, before pushing it to all Windows 10 (opens in new tab) users last week with the latest round of Patch Tuesday (opens in new tab) updates.
Tracked as CVE-2021-28312, the vulnerability has reportedly been classified as a distributed denial of services (DDoS) (opens in new tab) flaw.
- We’ve also rounded up the best ransomware protection tools (opens in new tab)
- These are some of the best endpoint protection software (opens in new tab)
- Here's our choice of the best malware removal (opens in new tab) software on the market
Security researcher Jonas Lykkegård first discovered the zero-day bug in Windows 10 (opens in new tab) all the way back in August 2020. It is said to allow users and programs, even those with low privileges, to mark an NTFS disk drive (opens in new tab) as corrupt just by accessing the special folder.
Easy to trigger
Lykkegård told BleepingComputer that the flaw became exploitable probably with Windows 10 build 1803, released in April 2018.
Worryingly, the bug was relatively easy to trigger. Before the migitation, simply changing into the specially crafted folder, either via the command prompt, from the file manager (opens in new tab), or via any other means would cause Windows 10 to mark the drive as dirty. The user would then be prompted to reboot their computer and run chkdsk, which would in turn fail to mark it as clean and prevent the device from booting up.
Unsurprisingly, several malicious apps quickly began circulating on Discord (opens in new tab) and other social media that exploited the vulnerability to render Windows 10 installations useless.
However, BleepingComputer has confirmed the bug has been successfully mitigated with the latest update.
- Protect your devices with these best antivirus software (opens in new tab)
Via BleepingComputer (opens in new tab)