Reply to thread

Message

<blockquote data-quote="Andy Ful" data-source="post: 925644" data-attributes="member: 32260">This vulnerability is not related to advanced WD settings that can be enabled by ConfigureDefender. It is also improbable that it could be used in widespread attacks, because it cannot give the attacker any profit. Anyway it seems that it can be used for some time to abuse websites for fun.This NTFS driver vulnerability is related to a specific command line with the $I30 attribute or shortcut&#039;s faulty icon path. On reboot, the Windows check disk utility can probably repair the error (as it follows from the BleepingComputer article), but I did not test it. In Enterprises, this vulnerability can be used to force Windows restart which can be some advantage to the attacker (especially when attacking the servers).Edit.As an author explains the exploit can be delivered via HTML webpage, so it will be probably blocked soon by the AV web protection modules.</blockquote>

[QUOTE="Andy Ful, post: 925644, member: 32260"] This vulnerability is not related to advanced WD settings that can be enabled by ConfigureDefender. It is also improbable that it could be used in widespread attacks, because it cannot give the attacker any profit. Anyway it seems that it can be used for some time to abuse websites for fun. This NTFS driver vulnerability is related to a specific command line with the $I30 attribute or shortcut's faulty icon path. On reboot, the Windows check disk utility can probably repair the error (as it follows from the [B][I]BleepingComputer article), [/I][/B]but I did not test it. In Enterprises, this vulnerability can be used to force Windows restart which can be some advantage to the attacker (especially when attacking the servers). Edit. As an author explains the exploit can be delivered via HTML webpage, so it will be probably blocked soon by the AV web protection modules. [/QUOTE]

Verification