According to the latest news, Microsoft confirmed that it is planning to fix a bizarre Windows 10 bug that could corrupt a hard drive just by looking at an icon. Earlier this week, security researcher Jonas L first warned about the bug describing it as a “nasty vulnerability”. He said, attackers can hide a specially crafted line inside a ZIP file, folder, or a Windows shortcut and it triggers hard drive corruption as soon as a Windows 10 user extracts the ZIP file or looks at a folder containing the malicious shortcut.
Will Dormann, a vulnerability analyst at the CERT Coordination Center confirmed the finding that there could be more ways to trigger the NTFS corruption. He revealed the vulnerability was present in Windows 10 for nearly three years. He also claimed that two years back, he had reported an NTFS issue which is not yet fixed.
A Microsoft spokesperson said in a statement to The Verge, “We are aware of this issue and will provide an update in a future release. The use of this technique relies on social engineering and as always we encourage our customers to practice good computing habits online, including exercising caution when opening unknown files, or accepting file transfers.”
Some people have found that the vulnerability also occurs when the Windows 10 user simply paste the offending string into the address bar in a browser. Bleeping Computer has also tested the bug and noted that it prompts the Windows 10 users to reboot a PC to repair the corrupted disk. The reboot successfully repairs the corruption. Note that the repair process is not always automatic.
Dormann says manual intervention might be needed to successfully repair the corrupted disk records. The bug also does not require any admin rights to trigger write permissions which makes it more problematic to automatically repair.,