May 13, 1997
2am EDT
NEW INFORMATION DISCOVERED
After you apply this patch, any TCP servers you run will not handle OOB data
in an expected way. This can be anything from a minor inconvience to you to
a major problem. Therefore, once again, if you do not feel comfortable
doing this, wait for Microsoft's fix; one is expected soon. For example,
FTP servers will not be able to process abort transfer commands correctly.
NOTE: WORKS ON WINDOWS 95 ONLY. DO NOT APPLY TO WINDOWS NT
NOTE: THIS PATCH IS PROVIDED TO YOU AT YOUR OWN RISK. NO ONE IS
RESPONSIBLE TO ANY DAMAGE TO YOUR MACHINE EXCEPT YOU. IF YOU DO NOT
UNDERSTAND THE CONSEQUENCES, WAIT FOR AN OFFICIAL MICROSOFT FIX.
This is the latest and best(?) fix for the Windows 95 OOB hole that allows
anyone to crash your machine. This fix works on all releases of Windows
95 (950/950a and 950b/1111[OSR2]). This patch *does* allow Netbios to
work as it usually does (e.g. LAN f/p sharing) Simply double click on
the .reg file included in this zip and reboot.
You may then undo whatever temporary fix you have done. To undo it, you
must use regedit to remove the BSDUrgent key entirely. Please let any
one of us know of any troubles.
Here is a direct quote from my source (for win95)
http://www.microsoft.com/kb/articles/q158/4/74.htm
Hkey_Local_Machine\System\CurrentControlSet\Services\VxD\MSTCP
BSDUrgent = 0 or 1
If this value is 1, specifies that Microsoft TCP/IP is to treat urgent data
the way some UNIX systems do (with a maximum of 1 byte of urgent data, for
example). If this value is 0, it specifies that the stack is to handle
urgent data as specified by RFC 1122. The default is 1.
Aaron Weintraub (original and new information discoverer)
aaronw@pobox.com
Skream (original testing)
skream@coca.net
Matt Wilbur (new information testing)
matt@efs.org
Jason Tackaberry (new information testing)
tack@cyber-space.net
Jiva DeVoe (new information testing)
jiva@devware.com
http://www.mydesktop.com/ for the latest in breaking news.