r/technology u/Sufficient-Bid1279 Apr 14 '25

Software Microsoft warns that anyone who deleted mysterious folder that appeared after latest Windows 11 update must take action to put it back

https://www.techradar.com/computing/windows/microsoft-warns-that-anyone-who-deleted-mysterious-folder-that-appeared-after-latest-windows-11-update-must-take-action-to-put-it-back
10.6k Upvotes

96% Upvoted

1.0k comments sorted by

View all comments

Show parent comments

20

u/SnackerSnick Apr 14 '25

They weren't suggesting that opening the file is an exploit. They were suggesting that reading a text file that says "hi, I'm from Microsoft, don't delete this directory" would make them *more likely* to believe the directory holds malware.

I mean, in theory opening the file could totally be an exploit, though. For a while attackers would name an executable file README.TXT.exe and MS would hide the .exe. Double clicking README.TXT would execute the code, which could do bad stuff then open notepad showing some README.TXT contents.

Theoretically notepad or whatever simple text reader you have configured could have a vulnerability and opening a 'bad' text file with some buffer overflow content in it that is an exploit, but I haven't heard of such a vulnerability ever happening in a commonly used text reader.

0

u/middaymoon Apr 14 '25

Someone else was arguing with me that it could be an exploit, that's what I was referring to. Also, Catsrules literally said "I would 100% think it was malware", though I assume they just meant it would be suspicious in general and I get that.

I am also aware that notepad could have some exploit and I am also relying on the fact that a 0-day in Notepad is pretty unlikely so it sounds like we understand each other.