This Windows 10 bug can corrupt your hard drive just by opening a folder

Cal Jeffrey

Posts: 3,031   +812
Staff member
PSA: Be careful. A particularly "nasty" Windows 10 bug can potentially corrupt your hard drive just by looking in a folder. An attacker can embed and specially crafted string in a shortcut or folder that instantly corrupts the MFT. It can be avoided by the usual means of not opening email attachments or using any external drives that you do not trust.

Earlier this week, security researchers discovered a bug in Windows 10 that will corrupt the hard drive by merely opening a folder, clicking a shortcut, or by other seemingly innocuous means. Twitter user Jonas L was the first to point out the vulnerability. He noted that it was triggered by "opening special crafted name in any folder anywhere."

CERT/CC vulnerability analyst Will Dormann later verified the bug and added that it had several vectors other than opening a folder or file shortcut, including opening an ISO, VHD, or VHDX, extracting a Zip file, opening an HTML file without a MoTW, and others. It can be particularly nefarious if the code is embedded in the shortcut to a legitimate application.

Upon triggering, the bug will automatically corrupt the NTFS MFT (master file table). Sometimes Windows will immediately pop up a notice to restart your computer so it can run a drive repair. However, Dormann says this is not always the case, and sometimes users will have to run a manual repair.

Microsoft knows about the problem and told The Verge it was working on a fix. In the meantime, it urges users to be cautious and practice proper cyber hygiene.

"We are aware of this issue and will provide an update in a future release. The use of this technique relies on social engineering and as always we encourage our customers to practice good computing habits online, including exercising caution when opening unknown files, or accepting file transfers."

Dormann remains pessimistic about a fix coming from Microsoft, claiming that he reported a similar NTFS bug two years ago that still is not fixed. He said he would not disclose the special file name that causes the corruption for now. He wants to give Microsoft a chance to iron the issue out first.

Permalink to story.

 

QuantumPhysics

Posts: 4,999   +5,604
There are some people who specifically keep their OS and cloud storage (Onedrive) on a small SSD drive and keep all their games, files and folders on a separate SSD drive.

It's because of issues like this that I see that method as better than just having everything on a single large SSD drive.
 

Theinsanegamer

Posts: 2,502   +3,740
There are some people who specifically keep their OS and cloud storage (Onedrive) on a small SSD drive and keep all their games, files and folders on a separate SSD drive.

It's because of issues like this that I see that method as better than just having everything on a single large SSD drive.
You could just do several paritions and achieve the same thing with a single large drive, or multiple RAIDed drives.
 

texasrattler

Posts: 1,171   +554
So a issue that even requires a user to manually cause the issue to begin with is MS fault? Yes issues exists, hell they exist in all OSes, lets not kid ourselves.
If a user is stupid enough to open a file, attachement or link then thats on them. For years ppl have been told how to use a computer but every year we hear the same stories. But blame a company instead of the actual user who caused their own issue. Yes MS needs to have a fix in the code but most of these issues are in fact caused by users and are only found out because they indeed didnt follow simple internet safety.
 
Last edited:

terzaerian

Posts: 960   +1,398
There are some people who specifically keep their OS and cloud storage (Onedrive) on a small SSD drive and keep all their games, files and folders on a separate SSD drive.

It's because of issues like this that I see that method as better than just having everything on a single large SSD drive.
I'm liking my current setup - I have Windows installed on a C Drive SSD, game program files on the D and E SSDs, and personal files on an encrypted platter on F, which is also hot-swappable and encrypted. The only annoyance is that Windows won't allow me to set F to auto-unlock on login.
 

Lionvibez

Posts: 2,339   +1,874
You could just do several paritions and achieve the same thing with a single large drive, or multiple RAIDed drives.

A single drive is still a single point of failure.

My setup has my Os and Apps on an M2 drive and all my games are on a 2TB raid 0 setup.

I was having issues upgrading off build 1909 so I did a fresh wipe once windows was up and running I just had to point my game launchers to the other drive and that was sorted in a few mins. Next was just to reinstall my apps which wasn't not too many and I was backup and running in a relatively short time.

And all my Media is on a my NAS which has 16TB's of storage.

If I ever have my main desktop down it doesn't take everything with it.
 
Last edited:

trparky

Posts: 920   +967
I tried it inside a Hyper-V VM which as the articles suggest, it resulted in a NTFS error in my Event Log. I rebooted the VM, it did a CHKDSK as it should, tried to reboot, it BSODed, rebooted again, ran another check of the file system, and then the system came back up as normal.

A little scary if you ask me.
 

gamerk2

Posts: 533   +427
You could just do several paritions and achieve the same thing with a single large drive, or multiple RAIDed drives.

Still a single point of failure.

I generally keep my OS on a small SSD. My downloadable games (Steam, etc.) are on a second larger SSD. Any non-installable items are on a removable drive for easy transfer across devices.
 

Nobina

Posts: 3,133   +3,008
Hard drive failure is very uncommon and I feel absolutely fine keeping all my stuff on it rather than on the cloud. Important data should be stored on multiple devices and the chances of them all failing are lower than you getting beheaded in Paris.
 

OortCloud

Posts: 613   +470
Usual ludicrous fuss over a file with a bad name. Your hard disk isn't corrupted.
The repair tool pops up and offers to fix by renaming the dodgy file or you reboot and the repair tool does it then. Hardly the end of days....
 

amghwk

Posts: 1,055   +968
I know I may be beating a dead horse, but I enjoy my switch to linux more and more very often

I was using different distros of Linux on and off for variety and curiosity, before Win10.

Thanks to Windows 10, I too made a full switch to Linux. Mint on one, Arch on another, OpenSuse on yet another machine.

Things are much much more interesting and adventurous in the world of *nix.

And heck, even can play Steam games via Proton. In fact, WINE and Steam via Proton can even play older Windows games that have problem within newer Windows itself!
 

yRaz

Posts: 3,719   +3,725
I was using different distros of Linux on and off for variety and curiosity, before Win10.

Thanks to Windows 10, I too made a full switch to Linux. Mint on one, Arch on another, OpenSuse on yet another machine.

Things are much much more interesting and adventurous in the world of *nix.

And heck, even can play Steam games via Proton. In fact, WINE and Steam via Proton can even play older Windows games that have problem within newer Windows itself!
If I want to game on something that steam/proton doesn't support I just open a windows VM with PCIe passthrough.

Having tons of cores(thanks AMD!) Makes this more practical than ever. I find myself always coming back to Mint, but I can assign a VM 6 cores and not lose any performance in linux
 

jelabarre59

Posts: 36   +16
So a issue that even requires a user to manually cause the issue to begin with is MS fault? Yes issues exists, hell they exist in all OSes, lets not kid ourselves.
If a user is stupid enough to open a file, attachement or link then thats on them. For years ppl have been told how to use a computer but every year we hear the same stories. But blame a company instead of the actual user who caused their own issue. Yes MS needs to have a fix in the code but most of these issues are in fact caused by users and are only found out because they indeed didnt follow simple internet safety.

But to have a flaw that is so dead-simple to do? Not some heavy-duty assembler code or anything, but just a weirdly-named folder? Now **THAT** takes some extra-incompetent OS engineering to have a vulnerability that bad. Just another day in the life of any MSWindows user.