Affects: Windows 95 (including OSR2), Windows NT 3.51, and Windows NT 4.0

Description of Bug:

This bug is a security hole in Windows that allows a malicious user to hang Windows 95 and Windows NT machines that are connected to a network. The attack occurs most commonly over the Internet.

A program was written (called SPING) that sends certain ICMP packets to an IP address of a Windows machine connected to the network. The ICMP packets are fragmented in such a way that the machine attempts to reassemble them, but is unable to. SPING, the theory behind it, and then spin-off applications for multiple platforms were circulated around the Internet, causing malicious users to exploit this hole to crash remote Windows systems from a number of platforms, including Mac and many flavors of UNIX.

When a Windows machine receives the fragmented icmp, it simply freezes up. The machine does not respond to any input from the keyboard or the mouse. This bug has not been shown to cause any significant damage to systems, and a simple reboot is the preferred remedy. However, though non-destructive, this bug could cause possible problems if you have unsaved data in an open application when you are attacked, causing you to lose the data.

 

Available Fix(es):

Windows 95 and NT Users: This attack can be prevented by following the procedures on the WinFiles.com Attack-Proofing Procedures page.

 

 

CertifyEasily

Microsoft and Windows are registered trademarks of Microsoft Corporation. Microsoft Corporation in no way endorses or is affiliated with CertifyEasily. The products referenced in this site are provided by parties other than CertifyEasily. CertifyEasily makes no representations regarding either the products or any information about the products. Any questions, complaints, or claims regarding the products must be directed to the appropriate manufacturer or vendor.