Microsoft Patched FragmentSmack Vulnerability Targeting Windows


This Tuesday, Microsoft rolled out its September Patch Tuesday update, containing fixes for a number of security vulnerabilities. While it gained attention for the patch for the recently discovered ALPC zero-day vulnerability, it also fixed a vulnerability that had primarily affected Linux: reportedly, Microsoft also patched the FragmentSmack vulnerability on Windows systems.

FragmentSmack Vulnerability Also Affected Windows

The FragmentSmack vulnerability became known last month, when it was found to affect the Linux kernel. It gained attention right after a similarly named vulnerability, SegmentSmack, was disclosed. Both SegmentSmack (CVE-2018-5390) and FragmentSmack (CVE-2018-5391) can be used to trigger DoS attacks.

As disclosed earlier, an attacker exploiting either vulnerability could easily cause a Denial-of-Service (DoS) on the target server by bombarding it with modified packets. The difference between the two lies in their target: SegmentSmack targeted ongoing TCP sessions with modified data packets, whereas FragmentSmack relied on sending modified IP fragments to the IP fragment reassembly code. Both vulnerabilities caused excessive resource usage, leading to a denial of service.

Microsoft Already Patched The Vulnerability

The September Patch Tuesday update, along with other fixes, also contained a patch for FragmentSmack. As Microsoft stated in its advisory ADV180022 about the vulnerability:

“Microsoft is aware of a denial of service vulnerability (named “FragmentSmack” CVE-2018-5391) affecting Windows systems. An attacker could send many 8-byte sized IP fragments with random starting offsets, but withhold the last fragment and exploit the worst-case complexity of linked lists in reassembling IP fragments. A system under attack would become unresponsive with 100% CPU utilization but would recover as soon as the attack terminated.”
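The mechanism the advisory describes (many tiny fragments at random offsets, the final fragment never sent, and a linear walk through the reassembly list for each new fragment) can be turned into a simple detection heuristic. The Python below is an added example, not code from the article or from Microsoft; it runs over constructed fragment records (source, IP ID, offset, payload length, MF flag) of the kind a pcap parser would emit, and also counts the list-walk steps a naive sorted-linked-list reassembler would perform, which shows why the cost grows quadratically with the fragment count.

```python
import random
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed sample: (src, ip_id, fragment_offset_bytes, payload_len, more_fragments)
_rng = random.Random(1)  # fixed seed keeps the sample deterministic
_shuffled = [8 * i for i in range(1, 201)]
_rng.shuffle(_shuffled)
SAMPLE_FRAGMENTS = (
    # benign: one 4440-byte datagram split into three full-size pieces, last has MF=0
    [("192.0.2.10", 1, 0, 1480, True), ("192.0.2.10", 1, 1480, 1480, True),
     ("192.0.2.10", 1, 2960, 1480, False)]
    # suspicious: 200 eight-byte fragments at shuffled offsets, final fragment never sent
    + [("198.51.100.7", 7, off, 8, True) for off in _shuffled]
)

@dataclass
class FragGroup:
    offsets: list = field(default_factory=list)  # kept sorted, like a reassembly queue
    total: int = 0
    tiny: int = 0
    saw_last: bool = False
    walk_steps: int = 0  # nodes visited while inserting, naive linked-list model

def insert_sorted(offsets, off):
    """Insert like a naive linked-list reassembler: walk from the head until the
    slot is found. Returns the number of nodes visited (O(n) per fragment)."""
    i = 0
    while i < len(offsets) and offsets[i] < off:
        i += 1
    offsets.insert(i, off)
    return i

def analyze(fragments, tiny_bytes=8, min_frags=64):
    """Flag (src, ip_id) groups made only of tiny fragments with no final fragment.
    Real reassembly keys on (src, dst, proto, id); this is a simplification."""
    groups = defaultdict(FragGroup)
    for src, ip_id, off, length, more in fragments:
        g = groups[(src, ip_id)]
        g.total += 1
        g.walk_steps += insert_sorted(g.offsets, off)
        g.tiny += length <= tiny_bytes
        g.saw_last |= not more
    return [
        {"src": src, "ip_id": ip_id, "fragments": g.total, "walk_steps": g.walk_steps}
        for (src, ip_id), g in groups.items()
        if g.total >= min_frags and not g.saw_last and g.tiny == g.total
    ]
```

Calling `analyze(SAMPLE_FRAGMENTS)` flags only the 198.51.100.7 group, with roughly 10,000 list-walk steps for 200 fragments, against 3 for the benign datagram.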

While the vulnerabilities had already affected Linux users, Windows users were next. The affected versions are Windows 10, 8.1, 7, Windows Server 2008, Windows Server 2012, and Windows Server 2016.

Microsoft had already released its security update for this vulnerability on September 9, 2018, and published the advisory at the same time; it then merely updated that advisory when releasing the September patch bundle. Users should make sure to update their systems to stay protected from these vulnerabilities.

Let us know your thoughts about the article in the comment section below.

Abeerah Hashim

Abeerah has been a passionate blogger for several years, with a particular interest in science and technology. She is eager to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what better pastime could there be than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
