A short command is enough to corrupt all files on an NTFS storage drive with Windows installed 10 . The alarm is raised by researcher Jonas L (@jonasLyk, on Twitter), who speaks of a “underrated vulnerability” from the community. The offending string is the attribute $ i 30 which, if used in some modes, can cause corruption of the solicited drive.

A few characters command can damage a hard disk on Windows 10

The problem raises some concern for three reasons: first, the command can be launched from a Windows account with limited permissions; the second, the problem affects all computers with an NTFS formatted drive, which is the default file system on Windows 10. The third reason is no less serious: the flaw can be easily exploited by a malicious actor simply by inserting the command via attachment in an e-mail , even within videos or web pages.

According to the sources, it is sufficient to open a file designed ad-hoc to crash the PC and damage the hard-disk, and it is unclear to date whether the drive can be restored after being attacked. In any case, even if it were possible to get the drive working again, you would lose all the files stored before the exploit was executed. It is also possible that the command is launched only by displaying an icon on the PC, without interacting with it in any way.

The flaw was later confirmed by Will Dormann and BleepingComputer , which also published a video showing the C: drive of a virtual machine installed in the system in use made useless. According to BleepingComputer, the chkdsk (Check Disk) utility can repair the disk in some cases, but in other cases the MFT (Master File Table), the index of all the files on the drive, could be corrupted along with all the files present. on the system. It is not clear whether in this case it is possible to restore disk use with more advanced third-party software .

How to protect yourself from attack

At the time of writing there are no really effective methods to protect yourself from such an attack. One of them could be to convert your drives to the FAT file system 32, a operation not within everyone’s reach and which requires various compromises. Another method is to revert to a Windows version 00 prior to 1803. The bug is in fact present on Windows 10 1803 and all later versions , while Windows 10 1709, released in October 2017, should be safe according to both Jonas L, according to Dormann.

It is not yet clear why the command is harmful to the solicited units and we await a comment from Microsoft, as well as the resolution definitive of the vulnerability in a patch of the latest Windows operating systems.