████ # This file was generated bot-o-matically! Edit at your own risk. ████
'Nasty' Windows 10 bug can corrupt a hard drive by you looking at a file [windowscentral.com]:
What you need to know
- A "nasty" Windows vulnerability can corrupt a hard drive when someone looks at a specific line of code.
- The bug has been exploitable since the Windows 10 April 2018 Update.
- Microsoft is working on a fix for the issue.
A "nasty" NTFS vulnerability in Windows 10 has been highlighted yet again by infosec researcher Jonas L [twitter.com]. The vulnerability can be exploited with a single-line command and when exploited, corrupts an NTFS-formatted hard drive. Following the corruption, Windows will prompt a person to restart their computer to fix the issue.
Attackers can hide the line of code inside a ZIP file, folder, or even a Windows shortcut file. If the bug is exploited correctly, it can corrupt a drive without someone even opening the malicious file. BleepingComputer found that once a shortcut file was downloaded to a Windows 10 PC and is viewed within a folder, Windows Explorer will attempt to display the files' icon. As a result, the attack will take place and an NTFS hard drive will be corrupted.
VPN Deals: Lifetime license for $16, monthly plans at $1 & more [androidcentral.com]
In layman's terms, if people look at a certain folder or extract a ZIP file that has a certain piece of code on their PC, it will cause some drives to be corrupted.
Jonas L explained to BleepingComputer [bleepingcomputer.com] that the vulnerability became exploitable with Windows 10 build 1803, also known as the Windows 10 April 2018 Update. The bug persists into newer versions of Windows 10 as well. Jonas L also flagged up the vulnerability in August 2020 and October 2020.
Microsoft responded to The Verge [theverge.com] regarding the bug, stating:
We are aware of this issue and will provide an update in a future release. The use of this technique relies on social engineering and as always we encourage our customers to practice good computing habits online, including exercising caution when opening unknown files, or accepting file transfers.
The vulnerability can also be exploited if you paste a certain string of code into the address bar in a browser. Windows 10 will try to automatically repair the drive corruption but vulnerability analyst Will Dormann notes [twitter.com] that it could require manual intervention to repair.
Ditch the wires Best Xbox One Wireless Headset: For when you want audio without the cables [windowscentral.com]
Fancy ditching the wires in your Xbox headset set up? These are the best wireless Xbox headsets we've tested (and that are currently available)!
Leather optional Review: A focus on internal changes for the Yoga 9i 14's move from the C940 [windowscentral.com]
Lenovo changed up the naming of the Yoga C940 to the Yoga 9i, and it also refreshed the internal hardware while keeping most of the physical properties the same.
Slow and steady We're going to see tons of game delays this year and that's OK [windowscentral.com]
We'll be seeing a lot of games delayed throughout 2021, more than were delayed in 2020. Right now, you should only depend on playing things that were originally supposed to release last year. Here's why that's OK.
Honey I shrunk the computer! These are the best PC sticks for when you're on the move [windowscentral.com]
Instant computer, just add a screen! That’s the general idea of the ultra-portable PC Compute Sticks, but it can be hard to know which one you want. Relax, we’ve got you covered.