There is a new Zero-Day bug out being reported by Microsoft that impacts NTFS hard drives. The bug can lead to immediate corruption of the NTFS file table should the file even be viewed. The bug can be hidden inside a zip file, folder or even a Windows shortcut. While the damage can be repaired by the Operating System, there have been reported incidents where this repair has failed.
Current vectors include:
- Extracting a zip file.
- Opening an HTML file with compatibility mode enabled.
- Renaming a file to a certain value.
- Clicking a folder with a certain value name.
- Pasting a special command.
Until Microsoft releases a patch for this, extreme care should be taken to avoid triggering this exploit as it can occur regardless of user status. Unless a zip file source is known, it should not be interacted with. Further, if a zip file contains a file of unusual naming including a $, it should be immediately deleted.
Microsoft plans to issue a fix in a future release.
Here is an article on this bug: Microsoft to fix Windows 10 bug that can easily corrupt a hard drive.