Since the beginning of the year, a vulnerability in Windows 10 allows a program to corrupt NTFS drives simply by opening a folder. Microsoft has finally corrected this flaw by indicating in the command prompt that the trajectory is invalid. We strongly recommend that you install Patch Tuesday soon.
Last January, we told you about a zero day flaw capable of deleting an entire hard drive with a simple command line . Spotted by developer Jonas Lykkegård, this vulnerability is particularly worrying because it is extremely easy to exploit . After its victim has downloaded a small program, it suffices to run a single command line in the prompt for an NTFS disk, potentially a hard disk, to appear corrupted .
The computer then restarts and the disk is no longer accessible . Since the beginning of the year, hackers have distributed malware in the form of bogus tools on social networks, including Discord. Once executed, these programs activate the bug and, moreover, force the PC to crash so that the attack remains unnoticed .
THE NEXT TUESDAY PATCH FIXES THE BUG OF NTFS DISKS
At the time Microsoft clarified that the bug did not erase data from the NTFS drive, but only marked it as corrupt. A restart accompanied by the chkdsk command is sufficient to correct the problem . Still, the flaw was still present and, therefore, dangerous. In February, the firm got down to the task by testing solutions in the Indider builds of Windows. Finally, the April 2021 Patch Tuesday includes a patch for the vulnerability .
The flaw is classified as a DDoS attack and takes the name of CVE-2021-28312 or “Windows NTFS Denial of Service Vulnerability”. As soon as the patch is installed, the command prompt indicates that the path to the folder is invalid when the attack attempt is initiated. Like the February 2021 Patch Tuesday which fixed a critical flaw , we strongly recommend that you install the update to benefit from optimal protection for your PC.