Security Hole discovered by Fabio Ciucci during the last week of October 1998. Only one Kb of .class file is required (it's a special Java applet who uses the "modified" java specifications by Microsoft) to crash not only Explorer 4.0, 4.1 (and Explorer 5 beta too!), but the whole Windows system (Windows 95, and Windows 98): all the open tasks are lost immediately, and a reboot is required.
On Windows NT, Internet Explorer crashes, but the operating system in most cases is still usable.

Warning: I hope it will not happen, but if others will release free versions of applets containing this bug, virtually every internet page will become dangerous, and same for e-mails attachments: users will have no time to hevitate the total crash and loss of not saved work. This is why I call this more a security hole than a bug.
This is why I don't disclosed the informations required to re-create the bug, and why I protected and obfuscated the applet to make it unusable outside www.anfyjava.com.
But, I think is a right of internet users to know the existence of this security hole.

NOTE: The applet will NOT RUN in true and 100% pure Java environments, such as Netscape Navigator, Sun's HotJava or using the Java Plugin. As explained before, Java is a secure and reliable technology, and the bug is only present in NON STANDARD Java modifications done by Microsoft in his Internet Explorer 4 on Windows systems (the applet will not work on Explorer 3 or previous, and in Apple Mac Explorer).


Articles about Microsoft not standard (incompatible) java implementation, and this security hole:


From: "Sun free to terminate Microsoft's Java contract", PC Week Online:

"With a ruling due anytime now in the Java case between Microsoft Corp. and Sun Microsystems, a key date has come and gone -- the first anniversary of the suit -- and that means Sun now has the right to terminate Microsoft's Java license."


From: "DirectDraw bug causes crashes", CNET News.com:

"This is a denial-of-service problem in that it prevents you from using the system," said Microsoft product manager for platform marketing Joe Herman. "[Ciucci's] applet is hanging the system, and it's a bug that we need to correct.", Herman did not know when Microsoft would issue a patch.


Here you can test the bug on your system, at your own risk: in no event the author of the applet or its suppliers will be liable for any lost revenue, profit, or for direct, special, indirect, consequential, incidental or punitive damages how ever caused and regardless of theory of liability, even if the author have been advised of the possibility, in 99% of cases, of such damages.

WARNING: Clicking the button, Windows will CRASH!
WARNUNG: Wenn Sie die Schaltfläche anklicken, wird Windows ABSTÜRZEN!
ATTENTION: Cliquer sur le bouton et Windows PLANTERA!
?x???F,»,Ìf{f^f?,ðfNfSfbfN,·,é,Æ?AWindows,ÍfNf?fbfVf?,µ,Ü,·?I
LA ADVERTENCIA: apretando el botón, Windows ESTRELLARA!
ATENÇÃO: Clicando no botão, o Windows TRAVARÁ!
ATTENZIONE: Premendo il bottone, Windows si BLOCCA!

Your browser doesn't support Java or has java disabled!

For communications, contact me throught the contact page on the www.anfyjava.com main site, where you can download for free Anfy Java 1.2, my awarded tool, useful to add special effects to html pages. I discovered the Explorer bug during the developing of the new version of this program, trying to use the "not standard" Microsoft java modifications, just following the official documentation, but the result was in finding those modifications are not working in some cases, and even extremely dangerous in this particular case.