WinNuke refers to a remote denial-of-service (DoS) attack that affected the Microsoft Windows 95, Microsoft Windows NT and Microsoft Windows 3.1x computer operating systems. The exploit sent a string of OOB (out-of-band) data to the target computer on TCP port 139 (NetBIOS). The OOB data was a malicious TCP packet containing an Urgent Pointer (URG). The Urgent Pointer is a rarely used field in the TCP header, used to indicate that some of the data in the TCP stream should be processed quickly by the recipient. Affected operating systems didn't handle the Urgent Pointer field correctly. When the system failed to process the field, the computer locked up and displayed a Blue Screen of Death. This did not damage or change the data on the computer's hard disk, but any unsaved data would be lost.

The term WinNuke did not refer to a particular piece of malware; rather, it is used to describe malware that exploited the aforementioned vulnerability to cause a denial of service. Most of the WinNuke malware was busy doing its damage around 1997, although a newer family of malware was released into the wild around 2010 that exploits a similar vulnerability in Windows NT, 2000, XP, and even .NET to the same ends, i.e. DoS.

Wiki User

13y ago
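
A defender-side check for the traffic pattern the answer describes, added here as an example and not part of the original answer: it parses a raw TCP header and flags segments that carry the URG bit and are addressed to port 139. The function names, verdict labels and sample segments are constructed for illustration.

```python
import struct

NETBIOS_PORT = 139   # TCP port named in the answer above
URG = 0x20           # URG bit in the TCP flags byte
TCP_FMT = "!HHIIBBHHH"  # fixed 20-byte TCP header, network byte order

def parse_tcp(segment: bytes) -> dict:
    """Parse a raw TCP segment (header + payload) into the fields we inspect."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    (sport, dport, _seq, _ack, off_res, flags,
     _win, _csum, urg_ptr) = struct.unpack(TCP_FMT, segment[:20])
    hdr_len = (off_res >> 4) * 4          # data offset is in 32-bit words
    if hdr_len < 20 or hdr_len > len(segment):
        raise ValueError("invalid data offset")
    return {"sport": sport, "dport": dport, "urg": bool(flags & URG),
            "urg_ptr": urg_ptr, "payload": segment[hdr_len:]}

def classify(segment: bytes) -> str:
    """Return 'alert', 'note', 'ok' or 'malformed' for one segment."""
    try:
        tcp = parse_tcp(segment)
    except ValueError:
        return "malformed"
    if tcp["urg"] and tcp["dport"] == NETBIOS_PORT:
        return "alert"   # urgent data aimed at the NetBIOS port
    if tcp["urg"]:
        return "note"    # URG is rarely used, so worth logging elsewhere too
    return "ok"

def sample_segment(dport: int, flags: int, urg_ptr: int, payload: bytes) -> bytes:
    """Constructed test input for the detector; checksum is left at zero."""
    header = struct.pack(TCP_FMT, 40000, dport, 1, 1, 5 << 4,
                         flags, 8192, 0, urg_ptr)
    return header + payload

# Constructed samples: 0x18 = PSH|ACK, 0x38 = URG|PSH|ACK.
SAMPLES = {
    "urg_to_139": sample_segment(139, 0x38, 3, b"abc"),
    "normal_139": sample_segment(139, 0x18, 0, b"abc"),
    "urg_to_23": sample_segment(23, 0x38, 1, b"x"),
    "short": b"\x00" * 10,
}

if __name__ == "__main__":
    for name, seg in SAMPLES.items():
        print(f"{name:12s} -> {classify(seg)}")
```
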
