Abstract

In the early 2000s, attackers could easily abuse naïve IP fragmentation and reassembly mechanisms to intercept packets, modify them, or cause denial of service. The same underlying flaw enabled other techniques, such as the stealth (idle) scan. These attacks relied on the trivial predictability of the IP identification field. The major operating systems fixed the problem by randomizing that field: a simple and efficient solution.

For years this seemed to have done the trick, until a seemingly innocent but unnecessary reorganization of the relevant code in the Windows kernel left things worse than they had begun: it not only reopened these attacks but also leaked kernel memory in a rather amusing way.

Unlike any vulnerability I have previously had the privilege to discover or research, this one (CVE-2018-8493) is a simple crypto bug that should not have been so damaging. The system's design, however, let it break down the entire mechanism.
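To make concrete why a predictable IP identification field matters, the following is an added simulation (not code from the talk or from Microsoft) of the classic idle scan that the abstract alludes to. It models a zombie host whose IP IDs come from one global counter: the attacker probes the zombie to read its current ID, spoofs a SYN to the target with the zombie's address, then probes the zombie again. An open port makes the target send a SYN/ACK to the zombie, which answers with a RST and burns one extra ID; a closed port yields a RST that the zombie silently drops. The hosts, packets and port sets are constructed in memory for illustration, and the random generator stands in for the kind of randomization the operating systems introduced; nothing touches the network.

```python
"""Idle-scan simulation: global-counter IP IDs versus randomized IP IDs.

Added illustration; the host behaviour is a simplified model of the
well-known attack, not a reimplementation of any specific kernel.
"""
import secrets
from dataclasses import dataclass


class GlobalCounterIpId:
    """Pre-fix behaviour: one 16-bit counter shared by every destination."""

    def __init__(self, start: int = 1000):
        self._next = start

    def next_id(self) -> int:
        value = self._next
        self._next = (self._next + 1) & 0xFFFF  # 16-bit wrap-around
        return value


class RandomIpId:
    """Randomized IP ID, the mitigation the major OSes adopted."""

    def next_id(self) -> int:
        return secrets.randbelow(0x10000)


@dataclass
class Zombie:
    """A quiet third-party host whose IP ID sequence the attacker observes."""

    ip_id_gen: object

    def reply(self) -> int:
        """Any packet the zombie emits carries the next IP ID."""
        return self.ip_id_gen.next_id()


@dataclass
class Target:
    """The scanned host; only the open-port set is modelled."""

    open_ports: set

    def receive_spoofed_syn(self, dport: int, spoofed_source: Zombie) -> None:
        if dport in self.open_ports:
            # SYN/ACK goes to the spoofed source. The zombie has no such
            # connection, answers with a RST, and consumes one IP ID.
            spoofed_source.reply()
        # Closed port: the target sends RST; the zombie drops it silently
        # and emits nothing, so no IP ID is consumed.


def idle_scan(zombie: Zombie, target: Target, port: int) -> str:
    """Attacker's view: infer port state purely from the zombie's IP IDs."""
    before = zombie.reply()                      # probe zombie, read IP ID
    target.receive_spoofed_syn(port, zombie)     # SYN with zombie's address
    after = zombie.reply()                       # probe zombie again
    delta = (after - before) & 0xFFFF            # tolerate counter wrap
    if delta == 2:
        return "open"
    if delta == 1:
        return "closed|filtered"
    return "unreliable"  # IDs are not sequential; inference breaks down


if __name__ == "__main__":
    target = Target(open_ports={22, 443})
    sequential = Zombie(GlobalCounterIpId())
    randomized = Zombie(RandomIpId())
    for port in (22, 80, 443):
        print(f"port {port}: counter zombie -> {idle_scan(sequential, target, port)}, "
              f"random zombie -> {idle_scan(randomized, target, port)}")
```

With the global counter the attacker learns the target's port state without ever sending a packet from its own address to the target; with randomized IDs the delta carries no information. The vulnerability in the abstract matters precisely because it made the "random" sequence predictable again.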

Slides