FragmentSmack can drive CPU usage to 100% and make servers unresponsive when they are bombarded with malformed IP packets. It is an ideal vulnerability for DDoS attacks, especially against Windows servers. Microsoft has recently fixed this vulnerability.

The vulnerability Microsoft fixed can make Windows systems unresponsive: CPU utilization climbs to almost 100% when the system is bombarded with malformed IPv4 or IPv6 packets.

This vulnerability is already known in the Linux community as FragmentSmack. It is one of a pair of DDoS-friendly vulnerabilities, the other being SegmentSmack.

Both vulnerabilities allow attackers to bombard a server with malformed packets that trigger excessive resource usage, so CPU usage can reach almost 100%.

Some Information about These Two Vulnerabilities

In this part, we will show you some related information about these two vulnerabilities:

SegmentSmack (CVE-2018-5390) uses malformed TCP packets, whereas FragmentSmack (CVE-2018-5391) uses IP packets.

Both bugs were considered likely to be integrated into DDoS botnets, so most Linux distros hurried to patch their systems.

In July and August, the Linux Kernel team patched both issues, and the patches have already flowed downstream to the Linux community. In addition, the US Computer Emergency Readiness Team (CERT) released an advisory in mid-August warning cloud and hosting service providers to update their systems as soon as possible.

At that time, the two vulnerabilities were also discussed by email. In these discussions, Juha-Matti Tilli of Nokia Labs and the Department of Communications and Networking at Aalto University, the researcher who discovered both flaws, said that the impact of these two bugs was not limited to Linux. They might also affect Mac OS and Windows systems.

Microsoft Has Responded

Just recently, Microsoft admitted that Windows was indeed vulnerable to FragmentSmack.

Microsoft then deployed fixes for all supported Windows versions, such as Windows 7/8/10, as well as all Windows Server variants. This set of fixes is covered by security advisory ADV180022, which was released with Windows's monthly security updates, known as Patch Tuesday.

FragmentSmack affects Windows systems in the same way it affects Linux. It can drive CPU usage up to 100% and block activity on the targeted Windows system. The condition stops when the attackers cease sending malformed IP packets.

For desktop users, FragmentSmack attacks are rare. However, administrators of Windows-based servers should apply the latest fixes as soon as possible.

In addition, the ADV180022 advisory contains mitigation measures that can be used to stop FragmentSmack attacks in case the patches can't be installed immediately.
