Home / Gadgets / Windows Error “Ping of Death” Uncovered – Patch Now! – Sheer security

Windows Error “Ping of Death” Uncovered – Patch Now! – Sheer security



Every time critical patches are released for an operating system, device, or app that we think you are using, you can predict in advance what we will say.

Patch early, patch often.

Why would you risk letting the crooks sneak in front of you when you could take a decisive step in front of them?

Well, this month the SophosLabs Offensive Security team (that’s offensive as on the opposite of defensiveIncidentally, not like the opposite of polite;; and it’s the security that’s offensive anyway, not the team) made it up even more convincing Advice “patch now”.

It’s a short video that shows an unpatched Windows 1

0 computer crashing at will on the network by a simple Python script that throws errors:

If the person running the script can direct a specially crafted IPv6 network packet at your computer – specifically an ICMP packet with booby traps – they can crash you without warning.

You’ll see a Blue Screen of Death (BSoD), and any work you didn’t save will be lost, probably forever.

ICMP is short for Internet Control Message Protocoland it’s a low-level network packet that is much easier than setting up a regular TCP connection and even easier than UDP. The most popular type of ICMP message is probably a Ring Package generated by the ping Utility that is present on almost every operating system. You Ring a computer based on its IP address and when it receives the packet it sends a response – a Pong Package if you want. Pinging tests whether you can even communicate with another device as a basic but useful starting point for network diagnostics. If someone can ping your unpatched Windows 10 or Windows Server 2019 computer from theirs, they can likely crash you with this error.

We won’t go into the details here – and even in the SophosLabs report, our experts avoided disclosing enough to allow you to exploit this vulnerability at your own discretion – but you need to understand that this bug is known as CVE-2020. 16898.

The bug was discovered in a Windows component called TCPIP.SYSand as the filename suggests, this is not just any old program.

TCPIP.SYS is a kernel driver. If you trigger this error, you are exploiting a vulnerability in the kernel itself that is at the core of any running Windows system.

Because of this, the system crashes with a BSoD instead of just shutting down an application with an error and leaving everything else running.

After all, shutting down the kernel means that nothing else needs to be done, as the kernel controls everything else.

So, a kernel crash, also known as a panic In Unix lingo, forces a full shutdown followed by an automatic restart.