Submitted via IRC for TheMightyBuzzard
Microsoft released a security advisory about a denial-of-service vulnerability that could render multiple versions of Windows completely unresponsive and has no mitigation factors, the company says.
The vulnerability affects all versions of Windows 7 through 10 (including 8.1 RT), Server 2008, 2012, 2016, and Core Installations that don't have the latest set of security updates released as part of the September 2018 Patch Tuesday updates.
Tagged with the identification number CVE-2018-5391, the bug received the moniker FragmentSmack because it responds to IP fragmentation, a process that adjusts the packet size to fit the maximum transmission unit (MTU) at the receiving end.
IP fragmentation attacks are a known form of denial of service, where the victim computer receives multiple IP packets of a smaller size that are expected to be reassembled into their original form at the destination.
FragmentSmack is a TCP fragmentation type of attack, also known as a Teardrop attack, that prevents reassembling the packets on the recipient end. The vulnerability is as old as Windows 3.1 and 95, where it crashed the OS, but it was seen in the more recent Windows 7, too.
Why write all new bugs when you can just reboot old ones?
(Score: 2) by Runaway1956 on Wednesday September 19 2018, @09:55AM (2 children)
All systems are vulnerable, and we need to be reminded of that fact from time to time. But, "Windows Systems Vulnerable" gets redundant.
Abortion is the number one killed of children in the United States.
(Score: 4, Informative) by ledow on Wednesday September 19 2018, @10:03AM
Indeed
https://access.redhat.com/articles/3553061 [redhat.com]
It does get me that we still don't do calculations on whether basic features can be used to amplify the impact of such an attack out of a reasonable range, or design protocols so that they don't result in "more data / calculation" than a fixed bound in the first place.
(Score: 2) by DannyB on Wednesday September 19 2018, @05:46PM
Lots of things, even ordinary nominal usage can render Windows systems completely unresponsive and have no mitigation factors*.
* other than upgrading to a REAL operating system
If you eat an entire cake without cutting it, you technically only had one piece.
(Score: 0) by Anonymous Coward on Wednesday September 19 2018, @10:11AM
I read the article(!), the mitigation is to turn of fragmented packet reassembly as such from an elevated command prompt:
(Score: 2) by Revek on Wednesday September 19 2018, @12:37PM (1 child)
I remember these well. It was all fun and games back then. Now someone is going to try to use it make a buck.
This page was generated by a Swarm of Roaming Elephants
(Score: 0) by Anonymous Coward on Wednesday September 19 2018, @05:55PM
Not the people who branded it "FragmentSmack". They don't seem to have registered any domains using the FragmentSmack moniker, so they're not going to be able to market it. What are they waiting for?
(Score: 0) by Anonymous Coward on Wednesday September 19 2018, @04:11PM (2 children)
So teardrop works again. How long 'till they re-implement ping of death?!
in case your memory is shit, it was a malformed NETBIOS packet, that made computers reboot, broadcasting them to LANS ip range was... beauty
(Score: 2) by Revek on Wednesday September 19 2018, @05:04PM
Teardrop made Linux machines reboot. It had a quick patch. Windows machines suffered for months. As soon as Microsoft fixed that someone discovered that you could reverse the order of the flawed packets and it would blue screen and kill the windsock on any windows machine. I remember it being used on IRC networks to clear channels. Great fun. I had a bitchx script that would send packets to all of the people in a channel. The reason why I call it tierdrop was that was the name of the script I had. Good times.
This page was generated by a Swarm of Roaming Elephants
(Score: 3, Insightful) by DannyB on Wednesday September 19 2018, @05:51PM
All old vulnerabilities are new again. Or at least re-invented.
If old vulnerabilities didn't come back to life again, then why would you keep on paying and paying for ever ongoing security updates? Especially when you must pay the company that created the problems in the first place.
Sure I can fix all the defects in this new car you bought, if you pay me to fix ongoing problems that you will discover over time.
If you eat an entire cake without cutting it, you technically only had one piece.
(Score: 0) by Anonymous Coward on Wednesday September 19 2018, @04:53PM
"a denial-of-service vulnerability that could render multiple versions of Windows completely unresponsive"
My question is, how did they even detect it? As a Windows user, I can attest that this is the usual state of the system.
(Score: 3, Funny) by DannyB on Wednesday September 19 2018, @05:54PM
Q. What is the best way to accelerate a Windows PC?
If you eat an entire cake without cutting it, you technically only had one piece.
(Score: 0) by Anonymous Coward on Thursday September 20 2018, @12:37AM
Windows is vulnerable to this? Inconceivable!