Windows Cryptic Error Messages

May 10 2014 04:52 PM | Stephen in Legacy Security Articles

- - - - - Tags: security windows networking
All those of you who re Windows users, may be pretty familiar with the blue error screen that Windows pops up now and again.Ilegal Operation errors, Exception errors and Kernal errors are a common sight. The problem with these common errors is that they provide the user with very little info on what caused the error to occur and why the hell did the application or Windows crash.In order to diagonise the reasons behind the crash or error, we need to be able to understand what Windows is trying to tell us through the weird difficult to understand error messages it provides us with.

There has been a lot of talk about Windows being a lamer's machine and a real uberhacker uses a Linux box and everything else...well I do not agree with it. There is a common belief amonst people that Windoze is very insecure and it sucks but then on the other hand Red Hat too is not so great in the security sphere. There are nearly 50 known exploits to get root on a Linux box. The reason why hackers have found so many holes or bugs in Windows is due to the fact the Windows is the most widely used OS in the world and the largest number of Hackers have access to Windows and the largest number of people have a go at Windoze's Security. The only thing that is in support of Linux is the fact that it is free and the concept of Open Source and wel performance. So what I think is that there is nothing wrong in Using a Windoze box for Hacking. Yes Linux does provide you access to some kewl hacking tools from the various shells but for Windows there are many third party freebies that allow you to do the same thing. Linux does make hacking easier but there is nothing wrong in using Windows for Hacking.If you are able to understrand the entire Windows system then believe me, it is great.
Anyway, lets get down to what this manual is actually meant for.
Errors
Many people go real panicky when they see the blue error screen or the blue death, they really don't know what to do, some even start calling tech support saying that their computer is infected with a virus. Well there is no reason for a user to dread Windows error messages. They can be used usefully and for diagonising problems or roots of the problems, and answer questions like What exactly caused an error to occur and When does an error occur and What sould I do to rectify this error.
There are three general types of error messages you may encounter when working with applications under Win-dows. These are Exception errors, Illegal operation errors and Kernel errors.

Exception Error
An exception error signifies that something unexpected has happened within the Windows environment, typically an improper memory access. For example, an application or a Windows component might read or write to a memory location that has not been allocated to it, potentially overwriting and corrupting other program code in that area of memory.

Fatal Errors
Fatal exception errors are typically of the form: 'A fatal exception <Xx> has occurred atxxxx:xxxxxxxx.
Fatal exception errors are codes returned by a program if access to an illegal instruction has been encountered, invalid data or code has been accessed, or the privilege level of an operation is invalid.
When any of these errors occur, the processor returns an exception to the operating system, which in turn is han-dled as a fatal exception error. In many cases, the exception is non-recoverable, and the system must be restarted or shut down, depending on the severity of the error.
In the fatal exception error 'A fatal exception <XX> has occurred at xxxx:xxxxxxxx, the <XX> represents the actual processor exception from OO to OF. The xxxx:xxxxxxxx represents the 'code segment pointer:actual address where the exception occurred'.

Illegal Operation errors
Illegal Operation errors or 'program crashes' are actually invalid page faults (IPF). The error message is similar to:
'This program has performed an illegal operation and will be shut down. If the problem persists, contact the pro-gram vendor.' If you click Details, the following error message appears:
'<Application> caused an invalid page
fault in module <module name> at <address>.' After you click OK, the pro-gram is shut down.
An invalid page fault also occurs when a program or a Windows compo-nent reads or writes to a memory loca-tion that is not allocated to it. Kernel errors are also similar.
The first clue to the cause of an IPF is in the IPF error message that is dis-played. Note the module name that is listed. If you can gather clues about the component that is causing the IPF, then you can target the specific cause of the problem.
Sometimes, removing and rein-stalling the file mentioned in the IPF cor-rects the problem. Mso, noting when the error occurs can help determine the cause of the problem. For example, if the error occurs when you try to print a doc-ument in Word, the problem could be with the printer driver rather than Word itselL
A key part of troubleshooting IPFs is to determine how widespread the problem is. Try to answer the following questions:
Is the problem reproducible (can you make it happen whenever you want), or does it occur at random?
Does the problem occur only in the current application or in other applica-tions as well?
Are there specific, known issues about the application that describe your problem?
Does the problem happen only with a particular file handled by that applica-tion?
Does the problem occur only at a par-ticular time, such as while printing?
If, when trying to reproduce the problem, the error does not occur again, you can assume you have solved the problem. If the error occurs in other applications, most probably the fault is not with the application but with Win-dows, a component of Windows or a piece of software that is running in the background. Check with the program vendor's site if there are known issues with the application that may cause IPFs under specific circumstances. If the IPF is specific to a certain file opened by this application, the file may be too large, or damaged.
Well I hope know you know how to face Windows error messaages and make use of them to get rid of roots of crashes and prevent them.
Ankit Fadia


0 Comments