December 9, 2023

Researchers warned window operating system users regarding the susceptibilities of Windows 7 to blind TCP/IP hijacking attacks. Adam Zabrocki reported the vulnerability to Microsoft reported eight years ago.

Windows 7 was launched in the year 2009 and reached its end of life a year ago – which can be seen in users no longer receiving security updates. In 2012, a security researcher notified Microsoft regarding the same TCP/IP vulnerabilities that made the attack feasible in Windows 7 and all the subsequent versions.

Microsoft only patched the bug in Windows 8 and considered the bug “very difficult” to be exploited. Nearly one in four PCs is still running on the old operating system and are potentially susceptible to form of cyber-attack. In 1994, Kevin Mitnick orchestrated the most infamous blind TCP/IP hijacking strike against the computer systems of Tsutomu Shimomura at the San Diego Supercomputer Centre on Christmas day.

The impact of TCP/IP hijacking attacks is not as fatal as it was some years ago. If the threat actor can hijack any TCP/IP session which is established but the upper-layer structure properly executes encryption then the options of a threat actor are limited in terms of what they can do with it; with the assumption that the cyber attacker does not have the capability of generating encrypted messages.

Packets containing IP header were sent to the victim’s user to discover how many packets were sent to link each probe. This laid the path to a ‘covert channel’ via which could uncover the user IP and port, and sequence numbers for both users and server.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.