As reported by BleepingComputer, a one-line command can be hidden in a Windows shortcut, a ZIP file, batch files, or others.
Infosec researcher Jonas L. first drew attention to the issue. “The vulnerability will instant pop up complaining about yuor harddrive [sic] is corrupted when path is opened”, he tweeted.
Another user pointed it out that pasting the command into the URL line of any browser apart from Internet Explorer would activate the bug.
Reportedly, the flaw became apparent started around an update issued in April 2018, and continues to work.
Seems like it can also be triggered when you paste the command in the URL of a browser except ie so far pic.twitter.com/7XsGhrowps
— Siam Alam (@Slmi0xC) January 15, 2021
After running the command in the Windows 10 command prompt and hitting Enter, an error message stating "The file or directory is corrupted and unreadable" will appear.
That will then make the user reboot their computer in order to repair the corrupted hard drive. When the computer turns back on Windows starts fixing the issue, although this bug could corrupt any drive.
Astonishingly, the user would only have to view a corrupted file to be inconvenienced; clicking the icon is unnecessary.
A Windows shortcut file with its icon location set to the shortcut would trigger the bug. This can happen as soon as the shortcut is downloaded on a Windows 10 PC, when the computer will attempt to display the file’s icon, try to access the path to the file in the background, and as such corrupt the hard drive.
“Microsoft has a customer commitment to investigate reported security issues and we will provide updates for impacted devices as soon as possible,” a spokesperson told BleepingComputer.
“The use of this technique relies on social engineering and as always we encourage our customers to practice good computing habits online, including exercising caution when opening unknown files, or accepting file transfers”, they also told The Verge.
Other strange computer bugs have also been discovered recently. It was found that using a particular photo on an Android device would “soft-brick” a smartphone – sending it into a bootloop or freezing the device.
Restarting the phone in safe mode, holding the volume button when the phone starts up, also did not fix the issue.