cross-posted from: https://lemmy.ndlug.org/post/1002763

A critical vulnerability has been identified in the Windows TCP/IP Stack that allows for unauthenticated RCE. No user interaction is required, making this a zero-click vulnerability. This vulnerability affects all supported versions of Windows and Windows Servers.

This remote code vulnerability enables an unauthenticated attacker to repeatedly send IPv6 packets, that include specially crafted packets, to a Windows machine which could enable remote code execution. Microsoft has released urgent security patches and recommends to install these asap.

It has been assigned a CVSS score of 9.8. With a low complexity to exploit, can be performed unauthenticated and exploited remotely. Successful exploitation leads to SYSTEM level execution on the target endpoint.

From CVE 2024 38063

The following mitigating factors might be helpful in your situation: Systems are not affected if IPv6 is disabled on the target machine.

  • Rhaedas
    link
    fedilink
    53 months ago

    Any idea on when this will be pushed to the updates? I looked up the manual link and there’s 12 to pick from for my Win10, so I’m a bit cautious. Guess just turning off IPv6 is the best thing for now.

    • @[email protected]OP
      link
      fedilink
      English
      33 months ago

      Based on what I can tell (I don’t usually use Windows), a patch was released on August 13th. As long as you are current with your Windows Updates, this shouldn’t be an issue.

      • Rhaedas
        link
        fedilink
        23 months ago

        First thing I did was look at updates, both if there was something pending and in the history. There was a quality update on the 13th, but it mentions nothing specific about patching any vulnerabilities. I’ve got IPv6 off for all adapters now, so I’ll wait to see if anything more develops.

        At this point in my life I can probably move over to Linux, as I don’t play much games anyway and don’t have to use Office stuff. I’m just lazy. But I suppose when LTS expires (in Nov I think) I might go that route.