Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Patches 1990s-Era 'Ping of Death'

Posted by Soulskill on from the better-late-than-never dept.

CWmike writes "Microsoft on Tuesday issued 13 security updates that patched 22 vulnerabilities in Internet Explorer, Windows, Office and other software, including one that harked back two decades to something dubbed 'Ping of Death.' While other patched vulnerabilities we more serious, one marked 'CVE-2011-1871' brought back memories for nCircle's Andrew Storms. 'This looks like the Ping of Death from the early-to-mid 1990s,' he said. 'Then, when a specially-crafted ping request was sent to a host, it caused the Windows PC to blue screen, and then reboot.' Two decades ago, the Ping of Death (YouTube video demonstration) was used to bring down Windows PCs remotely, often as a way to show the instability of the operating system."

6 of 128 comments (clear)

  1. umm by newton62 · · Score: 1, Informative

    better late then never!

    --
    newton62 (56617) Karma: Bad
  2. POD has long since been patched. by atlasdropperofworlds · · Score: 5, Informative

    Just FYI, the POD doesn't affect any modern OSes. It used to bring down Windows NT (and earlier), early linux kernels, as well as Mac OS 7 back in the day.

    1. Re:POD has long since been patched. by Jah-Wren+Ryel · · Score: 3, Informative

      You're forgetting about the part where Microsoft wrote a *BRAND NEW* TCP stack for Vista+. This is why these old bugs keep popping up in the news. Yes, it was patched -- but that was when they were using the forked BSD stack.

      You got marked troll, and it's deserved. But better that someone else explain - MS never used a BSD stack. They licensed the Spider Systems STREAMS stack which was a wholly separate implementation (for one, it was STREAMS which BSD, AFAIK has never implemented).

      However, my understanding is that MS did eventually roll their own stack, iirc it was for XP.

      --
      When information is power, privacy is freedom.
    2. Re:POD has long since been patched. by 93+Escort+Wagon · · Score: 2, Informative

      You got marked troll, and it's deserved. But better that someone else explain - MS never used a BSD stack. They licensed the Spider Systems STREAMS stack which was a wholly separate implementation (for one, it was STREAMS which BSD, AFAIK has never implemented).

      Those of us who are old enough remember the "portions copyright the regents of the University of California Berkeley" (or words to that effect) that used to be part of the Windows legal declarations from 95 onward. It has been considered common knowledge that their pre-Vista TCP/IP stack was taken from BSD, as was their FTP executable. If you're going to claim otherwise, you should offer some citations please.

      However, my understanding is that MS did eventually roll their own stack, iirc it was for XP.

      Nope, the "from the ground up" rewrite was for Vista, although they had previously partially rewritten the stack for Win 2K and for XP I believe. And there were definitely a number of bugs in that new Vista stack - here's one example. But if you were paying attention back during the interminable Vista beta process, you would've remembered the noise about those old TCP/IP vulnerabilities, solved long ago, that Microsoft re-introduced with their new stack.

      --
      #DeleteChrome
  3. Re:I remember the ping of death by Jah-Wren+Ryel · · Score: 4, Informative

    It really didn't do much unless your bombing your buddies dialup server, and thus tying up your dialup line. I guess it could be slightly annoying if you could get a shit ton of people to do it today.

    I don't know what you are talking about, but it certainly isn't the ping of death. Maybe ping flooding? I personally wrote the patch for a now long defunct unix variant which fixed the actual "Ping of Death" vulnerability.

    The way it worked was to send a ping with a 65536 byte payload - technically out of spec for the ICMP protocol by about 30 bytes in length. Since it was out of spec, most IP stacks were written with the assumption that it could never happen. But when it did happen, you got a buffer overflow that would usually panic the OS immediately. At the time, almost every OS on the net was vulnerable even the guys who didn't have BSD-derived stacks like MS Windows.

    So all it took was one single oversized-sized icmp ping to crash just about any computer on the net. Imagine being able to take down all of google's internet presence with just a few thousand packets. Of course, at the time, there was no google.

    --
    When information is power, privacy is freedom.
  4. Re:Patch = turn off ping support? by eht · · Score: 3, Informative

    Since Windows XP SP2 I think it was the firewall is turned on by default(or at least really really encourages you to do so) and blocks ping responses and was released August 25, 2004.