Look out! This short Windows 10 command can trash your hard drive [updated]
Flaw could be used in web-based attacks
UPDATED with comment from Microsoft.
Heads up: There seems to be an unpatched flaw in Windows 10 that can corrupt a hard drive with a short, simple, single-line command.
So says Twitter user @jonasLyk, who claims that the command can instantly trash any drive using Microsoft's preferred NTFS file format, even if the command is invoked by a limited-user Windows account without administrative privileges.
Even worse, the flaw might easily be exploited by malicious hackers and embedded in email attachments, video files or even web pages.
"NTFS VULNERABILITY CRITICALITY UNDERESTIMATED - There is a specially nasty vulnerability in NTFS right now. Triggerable by opening special crafted name in any folder anywhere. The vulnerability will instant pop up complaining about your harddrive is corrupted when path is opened" pic.twitter.com/E0YqHQ369N (January 9, 2021)
Just opening the file or page would crash your PC, and it's not clear if the hard drive could always be recovered. It's possible that just viewing a specially formatted icon would also trigger the flaw.
Will Dormann, an information-security expert at the government-funded CERT Coordination Center in Pittsburgh, confirmed the flaw is real.
Nice find by @jonasLyk :cd
Result: NTFS corruption
Other vectors:
- Open an ISO, VHD, or VHDX
- Extract a ZIP file
- Open an HTML file without a MoTW
- Probably more...
pic.twitter.com/LY18Lo3J3m (January 9, 2021)
Bleeping Computer replicated the flaw and even posted a video of it rendering the C, or main, drive unreadable on a virtual PC. The virtual machine in the video was unable to restore the drive, even after several reboots.
Bleeping Computer said that in some cases the chkdsk (Check Disk) utility was able to repair the drive. But in other cases the disk's master file table (MFT), an index of all the files on a drive, would be corrupted along with the files. You'd likely need third-party software to fix that.
How to avoid this attack
To avoid attacks using this flaw, you could change your PC's hard drives to the FAT32 file format, the same file format used by USB flash drives, SD cards and other kinds of removable storage. Doing so would be a huge pain in the neck, as you'd have to first back up and then essentially rebuild your system.
You could also be safe if you're still running Windows 10 version 1709, released in October 2017, or earlier. The flaw affects all builds of Windows 10 from version 1803 onward, @jonasLyk told Bleeping Computer, which Dormann confirmed.
It's not clear why this specific command borks hard drives. None of the elements of the command are anything special or uncommon, and it'd be familiar to many Windows users who often get into the command-line interface.
The only reason this flaw may not have been discovered before is that the active command might not normally be paired with the specified implementation.
"I have no idea why it corrupts stuff and it would be a lot of work to find out," @jonasLyk told Bleeping Computer. "I'll leave it to the people with the source code," i.e., Microsoft.
We're not going to tell you what the command is because we don't want you trying this at home. But if you have a virtual machine, you can find the command in Bleeping Computer's story. Be careful.
Tom's Guide has requested comment from Microsoft about this issue, and we will update this story when we receive a reply.
Update: Microsoft responds
Following our query, a Microsoft spokesperson provided us with this statement:
"We are aware of this issue and will provide an update in a future release. The use of this technique relies on social engineering and as always we encourage our customers to practice good computing habits online, including exercising caution when opening unknown files, or accepting file transfers. More information on staying safe online is available at https://www.microsoft.com/en-us/digital-skills/online-safety-resources."

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.
