Windows NT can be crashed by executables containing malformed image headers

Risk Level: Low risk vulnerability  Low

Check or Attack Name: NtMalformedImageHeader
Platforms: Windows NT: 4.0 SP4, Windows NT: 4.0 TSE
Description:

It is possible to crash a Windows NT machine if the user executes a file with a specially malformed image header. The system will require a reboot to become functional again.
Remedy:

Windows NT 4.0 Service Pack 5 resolves this problem. Apply the latest Windows NT 4.0 Service Pack, or apply the Windows NT 4.0 post-SP4 kernel-fix update from ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/Hotfixes-PostSP4/Kernel-fix/.
References:

Microsoft Security Bulletin MS99-023, Patch Available for "Malformed Image Header" Vulnerability, http://www.microsoft.com/security/bulletins/ms99-023.asp

Microsoft Knowledge Base Article Q234557, Executable with a Specially-Malformed Image Header May Crash Windows NT, http://support.microsoft.com/support/kb/articles/q234/5/57.asp

Microsoft Security Bulletin MS99-023, Microsoft Security Bulletin MS99-023: Frequently Asked Questions, http://www.microsoft.com/security/bulletins/MS99-023faq.asp
X-Force Logo
Know Your Risks