CATEGORIES
home News

NTFS Metadata Bug Torpedoes Windows 7 And 8.1 PCs With Four-Character String

by Brandon HillFriday, May 26, 2017, 02:11 PM EDT

It hasn’t exactly been a sterling month with regards to security for Microsoft. The company was rocked by WannaCry, a ransomware outbreak that spread across the globe. Now we’re learning of a new vulnerability that revolves around a hidden Windows metadata file called $MFT.

$MFT is used by the NTFS filesystem, and resides in the root directory of Windows operating systems.  Accessing it is a big no-no as far as Windows is concerned, and will result in the operating putting a permanent lock on the file.

windows 7 pro

This locking behavior is exactly what happens in the case of the exploit initially discovered by Aladdin RD security researchers earlier this week. A specially crafted website (looking to inflict harm on unwitting users) could use this exploit to crash your PC – the potential victim would only need to visit the site for a successful attack. Pulling off the trick is as simple as creating a directory called $MFT to store images on the website. When your browser (in this case, Internet Explorer) attempts to access those images and your operating system sees those four characters, all hell breaks loose.

Windows (as expected) locks local access to $MFT and halts all operations on an affected machine. Your PC will slow down, stop responding, or simply just throw up a BSOD as a sign of surrender. The only way to fully recover from the “attack” is to reboot your machine.

According the researchers, Windows 7 and Windows 8.1 (both still supported by Microsoft) are affected by the $MFT exploit. Windows 10 users are thankfully spared from this trickery. According to Ars Technica, Microsoft has been alerted to the $MFT bug, but has provided no guidance on whether it is considered a priority matter or if a patch will be released.

Tags:  Windows 7, NTFS, Windows 8.1, (nasdaq:msft)
Brandon Hill

Brandon Hill

Brandon received his first PC, an IBM Aptiva 310, in 1994 and hasn’t looked back since. He cut his teeth on computer building/repair working at a mom and pop computer shop as a plucky teen in the mid 90s and went on to join AnandTech as the Senior News Editor in 1999. Brandon would later help to form DailyTech where he served as Editor-in-Chief from 2008 until 2014. Brandon is a tech geek at heart, and family members always know where to turn when they need free tech support. When he isn’t writing about the tech hardware or studying up on the latest in mobile gadgets, you’ll find him browsing forums that cater to his long-running passion: automobiles.

Opinions and content posted by HotHardware contributors are their own.

TOP STORIES
Which New GPU Is For You?
More Results
KEEP INFORMED

Stay updated with the latest news and updates. Subscribe to our newsletter!

Subscribe Now
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2026 Hot Hardware Inc, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment