Posted on 01/15/2021 8:43:27 AM PST by dayglored
An unpatched zero-day in Microsoft Windows 10 (and prior) allows attackers to corrupt an NTFS-formatted hard drive with a one-line command.
In multiple tests by BleepingComputer, this one-liner can be delivered hidden inside a Windows shortcut file, a ZIP archive, batch files, or various other vectors to trigger hard drive errors that corrupt the filesystem index instantly.
"Critically underestimated" NTFS vulnerability
In August 2020, October 2020, and finally this week, infosec researcher Jonas L drew attention to an NTFS vulnerability impacting Windows 10 that has not been fixed.
When exploited, this vulnerability can be triggered by a single-line command to instantly corrupt an NTFS-formatted hard drive, with Windows prompting the user to restart their computer to repair the corrupted disk records.
The researcher told BleepingComputer that the flaw became exploitable starting around Windows 10 build 1803, the Windows 10 April 2018 Update, and continues to work in the latest version.
What's worse is, the vulnerability can be triggered by standard and low privileged user accounts on Windows 10 systems.
A drive can become corrupted by merely trying to access the $i30 NTFS attribute on a folder in a certain way.
[Much more information, pics, examples, etc. at the article link...]
(Excerpt) Read more at bleepingcomputer.com ...
Does that present any other alternatives for gaining admin privileges?
Oh right, sorry, you said that above. Brain fart on my part.
> Does that present any other alternatives for gaining admin privileges? Well, I'm fairly certain that 8.1 had the Owner (for Home) and Administrator (for Pro) as the defaults. See if you can find evidence for which one is on the laptop. Hopefully you have the passwords for them somewhere.... :-/
Among other things, that brought up "open command prompt". When I hovered the cursor over that, it brought up two choices. "Open command prompt", and "open command prompt as administrator". Clicked on the administrator choice and I was off to the races!
The chkdsk took about an hour and a half. It seemed to be stuck on 10 percent forever, but when I took a two minute break for a glass of water, it was finished when I got back. Wife says so far, so good. Thanks for all your help.
God Bless, and have a great rest of the weekend.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.