Security Home > Windows 95, 98 & ME

Incomplete TCP/IP Packet Vulnerability

A security vulnerability exists in Microsoft® Windows NT 4.0 and Windows 95, 98, 98 Second Edition, and Windows Me which could allow a malicious user to temporarily prevent an affected machine from providing any networking services or cause it to stop responding entirely.

Issue

There is a denial of service vulnerability that affects Windows NT 4.0 Windows 95, 98, 98 Second Edition and Windows Me. By sending a flood of specially malformed TCP/IP packets to a victim’s machine a malicious user could cause either of two effects. In the most likely case, the flood would temporarily prevent any networking resources on an affected computer from responding to client requests; as soon as the packets stopped arriving, the machine would resume normal operation. In a less likely case, the system could hang, and remain unresponsive until it was rebooted.

This vulnerability could only be exploited if TCP port 139 was open on the target machine. If the server service or File/Print sharing were disabled on a computer it would not be susceptible to this vulnerability.

Affected Products

  • Windows 95, 98, Me and NT 4.0

Solution

Windows NT 4.0 users should download the patch below. Windows 95, 98 and Me users should disable file and print sharing as discussed in KB article Q199346.

Download

Patch: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25114

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: November 30, 2000

>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<