Some versions of all Windows based operating systems are vulnerable to larger than normal ICMP packets. If someone were to issue the ping command, specifying a large packet size of 64k, then the TCP/IP stack will cease to function correctly. This effectively takes the system offline until rebooted -- and thus, successfully achieves a denial of service attack. The following command can be used to test for the problem:

ping -l 65524 host.domain.com