Microsoft this week fixed a vulnerability that can cause Windows systems to become unresponsive, with 100% CPU utilization, when bombarded with malformed IPv4 or IPv6 packets.
The vulnerability is already well known in the Linux community as FragmentSmack, part of a duo of DDoS-friendly vulnerabilities, together with SegmentSmack.
Both vulnerabilities allow an attacker to bombard a server with malformed packets to trigger excessive resource usage.
Because of their consequences, both bugs were deemed ideal to integrate into DDoS botnets, and as a result, many Linux distros hurried to patch their systems.
The Linux Kernel team patched both issues in July and August, patches that flowed into the downstream Linux community, and the US Computer Emergency Readiness Team (CERT) released an advisory in mid-August, warning cloud and hosting service providers to update systems as soon as possible.
At the time, in mailing lists carrying discussions about the two vulnerabilities, Juha-Matti Tilli of Nokia Labs and the Department of Communications and Networking at Aalto University, the researcher who discovered both flaws, said the two bugs might also affect macOS and Windows.
This week, Microsoft confirmed that Windows was, indeed, vulnerable to FragmentSmack.
Fixes were deployed to all supported Windows versions, such as 7, 8.1, 10, and all the Windows Server variants, as part of security advisory ADV180022, released with the company's monthly security updates train, known as Patch Tuesday.
Just as on Linux, FragmentSmack drives CPU usage on Windows systems to 100%, blocking activity on the attacked system until the attacker stops sending malformed IP packets.
While desktop users will rarely see a FragmentSmack attack, admins of Windows-based servers should apply the latest fixes at their earliest convenience.
The ADV180022 advisory also includes some mitigations that will stop FragmentSmack attacks from jamming a server, in case patches can't be applied right away.
Microsoft says its Azure infrastructure has already been reinforced against this threat. The OS maker did not provide any additional details about FragmentSmack's twin vulnerability, SegmentSmack, but if we are to believe Tilli, that flaw might work against Windows systems as well.
h/t Ruben Dodge