1.7

UEFI NTFS drivers v1.7

• This version, based on NTFS-3G 2023.06.13, fixes minor issues such as errno not always being properly set and a potential use after free.
• The UEFI code is also improved to prevent a potential crash when using the driver in a DEBUG environment (therefore not something that will happen on real consumer hardware) [#5], as well as improve the mapping of errno codes to UEFI error codes.
• None of the issues being fixed/improved upon are expected to be exploitable as security vulnerabilities.
• The binaries were built in a fully transparent manner through GitHub Actions at https://github.com/pbatard/ntfs-3g/actions/runs/5631047056.
  You can validate that the SHA-256 of the binaries below match the ones displayed in the GitHub Actions build report.
• The _signed binaries are the Secure Boot signed versions of the READ-ONLY drivers (Intended for use with the Secure Boot signed UEFI:NTFS binaries found here)
• Note that the 32-bit ARM version is not Secure Boot signed, as Microsoft's current policies require additional validation for the signing of 32-bit ARM UEFI binaries.

1.6

UEFI NTFS drivers v1.6

• This version, based on NTFS-3G 2023.05.09, fixes various potential crashes, some of which were detected on real hardware such as the Windows Developer Kit 2023 (pbatard/uefi-ntfs#37).
• It should be noted that none of these potential crashes is expected to have been exploitable as security vulnerabilities.
• The _signed binaries are the Secure Boot signed versions of the READ-ONLY drivers (Intended for use with the Secure Boot signed UEFI:NTFS binaries found here)
• Note that the 32-bit ARM version is not Secure Boot signed, as Microsoft's current policies require additional validation for the signing of 32-bit ARM UEFI binaries.

1.5

UEFI NTFS drivers v1.5

• This version, still based on NTFS-3G 2022.10.3, fixes a specs non-compliance issue when listing directories through EFI_FILE_PROTOCOL.Read() (#4)
• The _signed binaries are the Secure Boot signed versions of the READ-ONLY drivers (Intended for use with the Secure Boot signed UEFI:NTFS binaries found here)
• Note that the 32-bit ARM version is not Secure Boot signed, as Microsoft's current policies require additional validation for the signing of 32-bit ARM UEFI binaries.

1.4

UEFI NTFS drivers v1.4

• This version, based on NTFS-3G 2022.10.3, includes further hardening against threats caused by maliciously tampered NTFS partitions by:
  • Rejecting zero-sized runs
  • Avoiding merging runlists with no runs
• It also fixes a problem identified by Joshua Machauer regarding the use of malloc()/calloc()/realloc() (#3)
• The _signed binaries are the Secure Boot signed versions of the READ-ONLY drivers (Intended for use with the Secure Boot signed UEFI:NTFS binaries found here)
• Note that the 32-bit ARM version is not Secure Boot signed, as Microsoft's current policies require additional validation for the signing of 32-bit ARM UEFI binaries.

1.3

UEFI NTFS drivers v1.3

This version, based on NTFS-3G 2022.5.17, includes the various security fixes for the vulnerabilities identified in NTFS3G-SA-2022-0001 and NTFS3G-SA-2022-0002 that:

• Improve defence against maliciously tampered NTFS partitions
• Improve defence against improper use of options

The corresponding CVEs are CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789.

The _signed binaries are the Secure Boot signed versions of the READ-ONLY drivers (Intended for use with the Secure Boot signed UEFI:NTFS binaries found here).

Note that the 32-bit ARM version is not Secure Boot signed, as Microsoft's current policies require additional validation for the signing of 32-bit ARM UEFI binaries.

1.2

UEFI NTFS drivers v1.2

• This version is a minor update of v1.1 to fix code analysis warnings.
• This release was build on Linux/Ubuntu using gcc and the latest EDK2.
• The _signed binaries are the Secure Boot signed versions of the READ-ONLY drivers (Intended for use with the Secure Boot signed UEFI:NTFS binaries found here)
• Note that the 32-bit ARM version is not Secure Boot signed, as Microsoft's current policies require additional validation for the signing of 32-bit ARM UEFI binaries.

1.1

UEFI NTFS drivers v1.1

This version, based on NTFS-3G 2021.8.22, includes the various security fixes for the vulnerabilities identified in NTFS3G-SA-2021-0001.

The default driver provides read+write support. Drivers with the _ro suffix are read-only.
The SHA-256 of each individual driver (which proves that the binaries were built from the public source found here, and not tampered with in any way) can be found in the GitHub Actions logs.

1.0

UEFI NTFS drivers v1.0

The default driver provides read+write support. Drivers with the _ro suffix are read-only.
The SHA-256 of each individual driver (which proves that the binaries were built from the public source found here, and not tampered with in any way) can be found in the GitHub Action logs.