이 작은 바로 가기가 Windows 10 장치를 완전히 손상시킬 수 있습니다.

newsroom 1/17 '21 posted 뉴스 IT

• "공격자는 ZIP 파일, 폴더 또는 간단한 Windows 바로 가기 내에서 특수하게 조작된 줄을 숨길 수 있습니다.

• 다른 사용자는 브라우저의 주소 표시줄에 위반 문자열을 붙여넣기만 하면 이 취약성이 발생한다는 것을 발견했습니다.

• 조나스는 또한 아이콘 위치가 C:\:$i30:$bitmap으로 설정된 바로 가기 파일이 생성되면 이 파일이 들어 있는 폴더를 여는 것만으로도 드라이브가 손상된다는 것을 발견했습니다.

• 모든 폴더에서 특수하게 조작된 이름을 열어서 트리거할 수 있습니다.

• 이 취약성은 경로를 열 때 하드 드라이브가 손상되었다고 불평하는 팝업이 즉시 나타날 것입니다."

• 이 기술의 사용은 소셜 엔지니어링에 의존하며, 우리는 항상 고객들이 알 수 없는 파일을 열 때 주의를 기울이거나 파일 전송을 받아들이는 것을 포함하여 온라인에서 좋은 컴퓨팅 습관을 연습하도록 권장합니다."

• 이 문제에 대해 잘 알고 있으며 향후 릴리스에서 업데이트를 제공합니다.

Microsoft to fix Windows 10 bug that can easily corrupt a hard drive [www.theverge.com]

Serious Windows 10 flaw could corrupt your hard drive if you open a folder [betanews.com]

'Nasty' Windows 10 bug can corrupt your hard drive just by you looking at an icon or folder [www.windowscentral.com]

This tiny shortcut can completely crash your Windows 10 device [www.techradar.com]

Beware! Nasty Windows 10 bug can corrupt your hard drive - and it's super easy to trigger [www.laptopmag.com]

New Windows 10X aims for simplicity [techxplore.com]

Microsoft Is Fixing a Windows 10 Exploit That Attacks When You Look at It [www.makeuseof.com]

Will Windows 10 be the last Windows OS? [searchenterprisedesktop.techtarget.com]

Microsoft releases KB4598479 update to fix 'Reset this PC' bug in Windows 10 [betanews.com]

Microsoft to fix Windows 10 bug that can easily corrupt a hard drive [www.theverge.com]

Windows 10 news recap: Apple testing Podcasts and Apple Music app for Windows 10, Windows 10X build leaks, and more [www.onmsft.com]

Windows 10 Update (KB4598479) Finally Patches "Reset This PC" Bug [wccftech.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

1/17 '21 answered

There's a new Windows 10 bug that can corrupt a hard drive just if you look at an icon...! Microsoft tells me it's working on a fix, but you don't even need to open a file to trigger this. Details here: https://t.co/2G3lQIPmqf pic.twitter.com/Plp3qUErhY
— Tom Warren (@tomwarren) January 15, 2021

Microsoft to fix Windows 10 bug that can corrupt a hard drive just by looking at an icon https://t.co/bWpxI6pcsI pic.twitter.com/uOrRkiy3qj
— The Verge (@verge) January 15, 2021

#Cybersecurity #ALERT #Microsoft to fix #Windows 10 bug that can corrupt a hard drive just by looking at an icon.#CNN #CNNelection #CNNtonight #100DaysOfCode #100DaysOfHacking #100DaysofLearning https://t.co/v76P5Dficl

via @GoogleNews
— Simon (he) (@Simon99731093) January 15, 2021

Microsoft to fix Windows 10 bug that can corrupt a hard drive just by looking at an icon

全然話題になってないんですけど、
アイコンを見るだけでパソコンが破壊される、まるで人間にとってのNTRみたいなWindowsのバグです https://t.co/tWoC9yY4aQ
— 緋村罵倒祭 (@Muskuarede) January 15, 2021

Nice find by @jonasLyk :
cd <specialdir>

Result: NTFS corruption
Other vectors:
- Open an ISO, VHD, or VHDX
- Extract a ZIP file
- Open an HTML file without a MoTW
- Probably more... pic.twitter.com/LY18Lo3J3m
— Will Dormann (@wdormann) January 9, 2021

Why? Almost 2 years ago I reported to them NTFS filesystems that can cause windows to BSOD when they're mounted. e.g. by double-clicking a VHD or VHDX file.
That's still not fixed.https://t.co/4H8jgqmqJk
— Will Dormann (@wdormann) January 9, 2021

This problem seems to be introduced around the time of Windows 10 1803. Prior versions of Windows do not appear to be affected.
I'll give Microsoft a shot at addressing this before disclosing what the value of <specialdir> is.
Though I question how such things get prioritized...
— Will Dormann (@wdormann) January 9, 2021

permanent link

Reply with curations

Related

Featured