Another Windows Threat? No matter how

In some online publications and Telegram chats, information has appeared about a fresh bug in Windows 10 related to the operation of NTFS. You can see advice from the quite understandable “disable autoloading files in Telegram Desktop” to insane “format your hard drive in FAT32” (do not do this, you will definitely harm yourself).

But in all cases, such publications combine the most “clickbait” headers in the spirit of “a simple file or any site on the Internet can instantly damage your hard drive!”.

Let’s take a look at what is actually happening, whether you need to worry (spoiler: not really), and what Telegram users should take in particular (although the problem is not related to the messenger).

Researcher @jonasLyk found that running a simple command on Windows 10 starting with version 1803 “damages the computer’s hard drive” (affects 2018 and later versions – most Windows 10 computers). 

But do not immediately disconnect your computer from the Internet. When Windows in any way tries to execute this command (more on that later), a service mark “disk is damaged” appears on the disk. This mark is only a signal for further actions of the system, but does not necessarily mean any breakdown. Windows detects the label and alerts the user with a pop-up notification. In the notification, the system says that it will try to fix the problem during the reboot (this may scare an inexperienced user).

At the next reboot, Windows will scan the disk for a fault label, check the corresponding entries, remove the reason for this label (if you downloaded a “malicious” file), save a report on the problem that has been resolved, after which the system will start as usual. The process does not take long, since no files were damaged.

Why did Telegram channels start writing about this? One of the easiest ways to get a person to execute such a command on his computer is to send him a special file and ask him to open it. This can be done via Telegram. In fact, this command is an innocent joke compared to the problems that you can get by opening files sent to you from strangers . The worst thing that can happen in this case is that the next time the computer boots up, a disk check will be launched, which will cause you to wait a little.

Why is it advised to disable autoload? There are more sophisticated ways to get someone else’s computer to execute a command. For example, create a special file with the .url extension, and specify a special malicious command in the address for the file icon. If you have autoloading files enabled, Telegram will download such a file. Later, if you ever go to the downloads folder, Windows will try to load the icon from the specified path, and you will see a warning about “corruption”, after which Windows will try to check the disk again.

In order not to waste time because of each joker, go to Telegram settings – advanced settings – and disable the download of files in each category. In order not to check empirically whether someone managed to send you malicious files, open Settings – Advanced settings – “Device memory” and click “Clear all”. This will remove the already downloaded files from the disk. This is one of the key advantages of chats that are stored in the cloud – you can always download the files you need again manually if you need something.

Subscribe to our channels in Telegram,  Telegram Info  and  Beta Info to always be aware of the latest news of the messenger.