NTFS Failure: A CMD Command May Erase the Hard Drive

Windows is full of glitches. Even though Microsoft updates its operating system every month and fixes a good number of bugs, the OS continues to surprise users. Some of the bugs hidden in this operating system are simple, harmless, and affect only a very small group. Other failures can be much more serious and can even make us lose all the data on an NTFS hard drive, as is the case with this new zero-day.


A single CMD command to kill all data

This zero-day failure is not new. The researcher who discovered it began reporting it in August 2020. Since then, however, he has not received a response from Microsoft. Although it seems too simple to be true, this hidden NTFS flaw makes it possible to corrupt any NTFS-formatted hard disk just by running the following command:

cd c:/$i30:$bitmap

When run, this command automatically corrupts the entire NTFS file index of the hard drive. Windows will show a message offering a system repair, but by then it will be too late, and the data on the hard drive will have been lost. If we check the Windows Event Viewer, we will see an error indicating that the Master File Table (MFT) on the hard disk is corrupt.

Master File Table (MFT) - Error NTFS W10

According to the tests that have been carried out, this simple command can be hidden in all types of files: shortcuts, ZIP files, script files, and so on. It can even be delivered through other vectors or programs, leading to instant corruption of all the data on the PC. And, as if that weren't enough, it can be run from user accounts without permissions and on any hard drive, not just C.
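One way to look for this string before a file is opened, as an added example that is not part of the original article: the Python code below scans file contents, and the members of ZIP archives, for the $i30:$bitmap path in plain and UTF-16LE form. The depth and size limits, the function names and all sample inputs are assumptions constructed for the example.

```python
import io
import re
import zipfile

NEEDLE = "$i30:$bitmap"          # stream path quoted in the article
MAX_DEPTH = 3                    # nested-archive limit (assumed value)
MAX_MEMBER = 16 * 1024 * 1024    # skip oversized members (assumed value)

# Match the needle case-insensitively, as plain bytes and as UTF-16LE
# (the encoding Windows uses for Unicode strings, e.g. inside shortcuts).
PATTERNS = [re.compile(re.escape(NEEDLE.encode(enc)), re.IGNORECASE)
            for enc in ("ascii", "utf-16-le")]

def contains_needle(data: bytes) -> bool:
    return any(p.search(data) for p in PATTERNS)

def scan_blob(name: str, data: bytes, depth: int = 0) -> list:
    """Return the names (outer!inner for archive members) that contain the needle."""
    hits = []
    if contains_needle(name.encode("utf-8", "replace")) or contains_needle(data):
        hits.append(name)
    if depth < MAX_DEPTH and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir() or info.file_size > MAX_MEMBER:
                    continue
                hits += scan_blob(f"{name}!{info.filename}", zf.read(info), depth + 1)
    return hits

def build_samples() -> dict:
    """Constructed sample inputs; none of these are real captured files."""
    script = b"@echo off\r\n" * 40 + b"cd C:/$I30:$Bitmap\r\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", b"nothing to see here\r\n" * 40)
        zf.writestr("setup.bat", script)
    return {
        "notes.txt": b"quarterly backup schedule\r\n",
        "launch.lnk": b"L\x00\x00\x00" + "c:/$i30:$bitmap".encode("utf-16-le"),
        "bundle.zip": buf.getvalue(),
    }

if __name__ == "__main__":
    for fname, blob in build_samples().items():
        print(fname, "->", scan_blob(fname, blob) or "clean")
```

Encrypted archive members cannot be read this way and would need to be flagged separately for manual review.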

This security flaw appears to have been present since Windows 10 version 1803, released in April 2018. However, only now, thanks to the researcher, has Microsoft detected it and begun to consider the possibility of fixing it.

How to protect our data from NTFS hard drive

At the moment, any user running Windows 10 is vulnerable. The bug has been reported to Microsoft several times and the company has refused to fix it. Therefore, from now on, we are all vulnerable. And worst of all, the bug can be hidden in any script, any file or any program.

Of course, we should never manually execute the command shown above, as we could lose our data. If we want to test it, we can run it inside a virtual machine and see how the data is lost.

We hope that Microsoft will fix this problem in upcoming security updates. Otherwise, we could have serious problems, since it is very likely that it will start to be exploited on a massive scale. The best way to protect ourselves from this problem until the patch arrives is to make backup copies. That way, if this command is executed on the PC, we will be able to recover the data after a quick format, and the losses will be smaller.