Wednesday, December 17, 2008

How to crash SBS2008 (and Vista)

I came across a bug in Microsoft Vista that allows it to be crashed from the command prompt by simply typing a single command. Apparently, Microsoft don’t believe that it warrants enough emphasis to provide a patch. They say they will fix it in the next Service Pack (due soon).

I was then a little curious. If Vista and Windows 2008 (and therefore SBS 2008) are based on the same TCP/IP stack, would I also be able to crash SBS 2008?

I made sure my SBS 2008 machine was up to date:

Firstly, I go to the command prompt as an administrator and type:

route add 1.2.3.4/240 4.3.2.1

[On my test SBS2008 server it did not always happen immediately, but I could normally force the issue if it didn’t happen initially by removing the route via the command:

route delete 1.2.3.4]

I then wait a few moments and

BAMM! Blue screen of death!

Sure, to actually execute this command on Vista or SBS2008 you need to run it from a console, but what is to stop some enterprising person getting this to run on a victim’s machine? We all know users just love to click and install spyware. So even though Microsoft say it isn’t a big worry, I’d be concerned, especially as there is currently no patch available.

Information about the Vista issue is here, but, ladies and gentlemen, the same thing happens on SBS 2008, so beware. Roll on Service Pack 2.
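
Until a patch is installed, one way to watch for the command above being run on a machine, as an added example that is not part of the original post: the script scans process command lines for a route add whose IPv4 prefix length is above 32, such as the /240 used here. The sample command lines and the function names are constructed for illustration, and treating the out-of-range prefix as the distinguishing feature is an assumption, since the post does not say what triggers the crash.

```python
import re
import shlex

MAX_IPV4_PREFIX = 32  # an IPv4 prefix length cannot exceed 32 bits

# Constructed process command lines (e.g. from process-creation auditing).
SAMPLE_COMMAND_LINES = [
    r"C:\Windows\System32\route.exe print",
    r"route add 10.20.0.0/16 10.0.0.1",
    r"route  ADD 1.2.3.4/240 4.3.2.1",
    r'"C:\Windows\System32\ROUTE.EXE" -p add 192.168.5.0/24 192.168.1.1',
    r"cmd.exe /c route add 1.2.3.4/33 4.3.2.1",
    r"route add 172.16.0.0 mask 255.240.0.0 10.0.0.1",
]

ROUTE_EXE = re.compile(r"(^|[\\/])route(\.exe)?$", re.IGNORECASE)
DEST_WITH_PREFIX = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}/(\d+)$")


def out_of_range_prefix(command_line):
    """Return the prefix length of a 'route add' whose prefix is > 32, else None."""
    try:
        tokens = shlex.split(command_line, posix=False)
    except ValueError:  # unbalanced quotes: fall back to a plain split
        tokens = command_line.split()
    tokens = [t.strip('"') for t in tokens]
    for i, tok in enumerate(tokens):
        if not ROUTE_EXE.search(tok):
            continue
        # Everything after the route executable is its argument list.
        args = [t.lower() for t in tokens[i + 1:]]
        if "add" not in args:
            return None
        for arg in args[args.index("add") + 1:]:
            m = DEST_WITH_PREFIX.match(arg)
            if m and int(m.group(1)) > MAX_IPV4_PREFIX:
                return int(m.group(1))
        return None
    return None


def flag_command_lines(lines):
    """Return (command_line, prefix) pairs for every line worth alerting on."""
    checked = ((line, out_of_range_prefix(line)) for line in lines)
    return [(line, p) for line, p in checked if p is not None]


if __name__ == "__main__":
    for line, prefix in flag_command_lines(SAMPLE_COMMAND_LINES):
        print(f"ALERT prefix /{prefix} > /{MAX_IPV4_PREFIX}: {line}")
```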