Each year, we learn more and more about ways attackers can frustrate IT professionals and users, create delays in business processes, and even render IT resources completely unavailable. Today's blog focuses on the yet-to-be-patched zero-day exploit in Windows 10, specifically a vulnerability in Microsoft's NTFS (New Technology File System), which is only a one-line command.
As it was tested by the pros at BleepingComputer and subsequently reported on, this exploit doesn't require deep understanding in executing nor does it come in one specific form. This crippling one-liner can come in the form of a shortcut file, an HTML file, a ZIP file, and other means that rapidly corrupt the filesystem index. There are many ways to ruin a filesystem, but typically certain levels of user privilege are required. In this case, there are no user privilege-based safeguards against execution of the exploit.
Windows 10 users hit with this exploit will quickly see an error notification containing: "The file or directory is corrupted and unreadable." This notification is followed by an automated request from Win10 to attempt repairs against the corrupt disk volume on reboot. Generally speaking, this remediation route does not work.
Exploits like this have the potential to cause significant data loss, which is why it is essential to remain vigilant about backing up business critical data to cloud locations. In most instances where this occurs in its worst form, users will need a refreshed operating system to get up and running again.
All in all, this exploit can cause costly delays to employee productivity in its least effective execution and notable data loss when data isn't being backed up regularly to a cloud location, such as Microsoft OneDrive.
If you are concerned about how this may affect your workforce, send us a message to talk about it. Contact Us.