Security researcher Jonas L (@jonasLyk) recently revealed that there is a command that can damage an NTFS-style storage drive in the blink of an eye. And it’s so simple that there’s only one line.
When exploited, this vulnerability will immediately damage the NTFS formatted hard drive. Windows operating system will prompt users to restart their computer to repair the corrupted disc records.
Warning from researcher Jonas L.
The vulnerability can be exploited starting with Windows 10 version 1803, the update was released on April 10, 2018, and continues to work in the latest version, the researcher said. What’s worse is, the vulnerability can be triggered by standard and low-privilege user accounts on Windows 10 systems.
WARNING: Executing the following command on a working system will damage the drive and possibly make it inaccessible. Only check this command in a virtual machine where you can restore the system to a previous backup if the drive is damaged.
“$ i30” is an NTFS property for folders that contain a list of files and subfolders that can damage your drive when accessed. According to Jonas, the Registry key helps diagnose the problem not working in this case, so the cause of “why it’s corrupted” is unknown.
One user who reported executing this command said “it can be repaired normally even after 10 times”, but according to Bleeping ComputerThere are cases when the system’s Master File Table will be damaged.
Immediately after entering the command mentioned above, the command prompt will display “Damaged and unreadable” file or directory. And shortly thereafter, the window with the message: “Restart to fix the drive” will automatically pop up. Upon restart, the Windows disk check utility runs and starts fixing the hard drive, as shown in the video below.
NTFS error in Windows 10
After the drive is damaged, Windows 10 generates an error in the Event Log that says that the Master File Table (MFT) for the specific drive contains the corrupted log. The test of BleepingComputer also shows that the user can use this command on any drive, not just the C: drive, and that drive will then crash.
Serious flaws like these have been known for many years and reported to Microsoft before, but have yet to be patched, according to community sources.
This NTFS issue also affects older versions of Windows XP according to the new information. One user has stated that the path “$ i30” is indeed a valid path, but accessing it directly in the way described above could cause an unprecedented issue.
Bleeping Computer reported to Microsoft about the command in question and received a response from a spokesperson that said: “We will make an update available to the affected devices as soon as possible.”