Microsoft fixes Windows NTFS Denial of Service Vulnerability (CVE-2021-28312)

A vulnerability was revealed in Windows 10 in January this year, which could be used to damage the contents of NTFS formatted drives, causing the system to crash. “By simply changing to the folder in a command prompt, accessing it from the Run: field, opening it from File Explorer, Windows 10 would mark the drive as dirty and prompt you to reboot your computer and run chkdsk.” Chkdsk sometimes fails to complete the repair, and instead causes the system to fail to start.

In order to solve this problem, Microsoft has been testing repair patches in the Windows Insiders community since February this year. Now, as part of Patch Tuesday in April 2021, Microsoft has finally fixed the vulnerability in all supported versions of Windows 10. The company has classified this vulnerability as a DDoS vulnerability and marked it as CVE-2021-28312 (Windows NTFS Denial of Service Vulnerability).

The test results show that after installing this update, the NTFS corruption bug has indeed been resolved. In addition to fixing this vulnerability, Patch April 2021 also fixes 107 other vulnerabilities.

After installing the relevant updates of Windows 10, when trying to access the problematic path, the “The directory name is invalid” message will appear.

Via: bleepingcomputer