Thanks to 2600 Magazine and the folks at Zappadoodle.com, I have learned of a new and quite interesting bug inside of Windows NT/2000/XP that I think all should hear about. I am not going to give you the exact technical details of this new bug (let Zappadoodle.com take care of that).
The bug is a simple one: you send some text to the console window, “Hung Up” for example, then add a TAB character as well as 6 or so BACKSPACE characters to the line and reprint. At some point CSRSS.EXE, the process that handles console output, will not be able to handle this and the entire computer will crash. You're likely to get an interesting Blue Screen letting you know of the details.
What I find most interesting (and possibly more shocking) is that this problem exists in all versions of Windows NT 4, Windows 2000, and Windows XP currently on the market. It's almost like you had a car and, if you kicked the bumper in the right way, the car would fall apart. What’s more telling, though, is that a user of any privileges can take this action and completely toast an NT computer.
I have tested an example with Delphi 5. I downloaded the example code from Zappadoodle.com and compiled it into a small console application. The code I used was:
    program BlueScrn;
    {$APPTYPE CONSOLE}
    uses
      SysUtils;
    var
      Loop : Integer; {loop a few times until NT fails..}
    begin
      for Loop := 0 to 1000 do begin
        Write('Hung Up'+#9#8#8#8#8#8#8);
      end;
    end.
What can an administrator do to control the use of this kind of code? Sadly, there is really little that can be done if the user is actually granted the right to log in to the computer. Apart from that, some things that can be done are to enforce strong security and possibly attempt to control the applications that can be run in that session. I wonder if .NET Server will have this problem?
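For programs that echo text they did not create (remote input, log data) to an NT console, the sequence described above can be filtered out before it is written. The following C sketch is an added example, not code from Zappadoodle.com or from this article's test. It assumes the trigger is exactly what the article describes, a TAB followed by BACKSPACE characters on the same line, and the function name is hypothetical. It does nothing about a logged-in user running their own program.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Copy untrusted text for console output, dropping every BACKSPACE (0x08)
 * that follows a TAB (0x09) on the same line. Backspaces on lines without
 * a tab (progress spinners and the like) pass through unchanged.
 * Returns the bytes written to out; *dropped receives the number removed.
 * Output never exceeds input, so cap >= len guarantees no truncation.
 * Assumption: the trigger is the TAB + BACKSPACE run the article describes. */
size_t filter_console_text(const char *in, size_t len,
                           char *out, size_t cap, size_t *dropped)
{
    size_t o = 0, removed = 0;
    int tab_on_line = 0;

    for (size_t i = 0; i < len && o < cap; i++) {
        unsigned char c = (unsigned char)in[i];
        if (c == '\n') {
            tab_on_line = 0;            /* new line: start clean */
        } else if (c == '\t') {
            tab_on_line = 1;            /* later backspaces are suspect */
        } else if (c == '\b' && tab_on_line) {
            removed++;                  /* drop it, keep scanning */
            continue;
        }
        out[o++] = (char)c;
    }
    if (dropped)
        *dropped = removed;
    return o;
}

int main(void)
{
    /* Constructed sample: the article's string, then a harmless spinner line. */
    const char sample[] = "Hung Up\t\b\b\b\b\b\b\nworking |\b/\n";
    char safe[sizeof sample];
    size_t dropped = 0;
    size_t n = filter_console_text(sample, sizeof sample - 1,
                                   safe, sizeof safe, &dropped);

    fwrite(safe, 1, n, stdout);
    fprintf(stderr, "dropped %zu backspace(s)\n", dropped);
    return dropped ? 1 : 0;             /* non-zero exit: input was altered */
}
```

A non-zero count from the filter is also worth logging, since ordinary text rarely contains a tab followed by a run of backspaces.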
