Microsoft Warns of Critical TCP/IP Vulnerability in Windows Systems

Apps & Games / Close All Windows / Desktop / Windows / News Close All Windows for Desktop Windows / Microsoft Warns of Critical TCP/IP Vulnerability in Windows Systems
14 Aug 2024

Microsoft has issued a critical warning to its customers regarding a significant TCP/IP remote code execution (RCE) vulnerability that affects all Windows systems utilizing IPv6, which is enabled by default. The vulnerability, tracked as CVE-2024-38063 and discovered by Kunlun Lab’s XiaoWei, stems from an Integer Underflow weakness. This flaw could allow attackers to exploit buffer overflows, potentially executing arbitrary code on vulnerable systems, including Windows 10, Windows 11, and Windows Server.

In a recent tweet, the security researcher emphasized the seriousness of the vulnerability, stating, “Considering its harm, I will not disclose more details in the short term.” He also noted that simply blocking IPv6 on the local Windows firewall would not prevent exploitation, as the vulnerability is triggered before the firewall processes the packets.

According to Microsoft’s advisory, unauthenticated attackers can remotely exploit this flaw through low-complexity attacks by sending specially crafted IPv6 packets. The company has assessed the exploitability of this critical vulnerability, labeling it with an “exploitation more likely” tag, indicating that threat actors may develop exploit code capable of consistently targeting the flaw.

Microsoft further acknowledged that there have been previous instances of similar vulnerabilities being exploited, making this particular flaw an attractive target for attackers. Consequently, the company advises customers who have reviewed the security update to prioritize its implementation within their environments.

For those unable to install the latest Windows security updates immediately, Microsoft recommends disabling IPv6 as a temporary mitigation measure to reduce the attack surface. However, the company cautions against turning off IPv6 entirely, as it is a “mandatory part of Windows Vista and Windows Server 2008 and newer versions,” and doing so may disrupt the functionality of certain Windows components.

Wormable Vulnerability

Dustin Childs, Head of Threat Awareness at Trend Micro’s Zero Day Initiative, has classified the CVE-2024-38063 bug as one of the most severe vulnerabilities addressed by Microsoft this Patch Tuesday, referring to it as a wormable flaw. “The worst is likely the bug in TCP/IP that would allow a remote, unauthenticated attacker to get elevated code execution just by sending specially crafted IPv6 packets to an affected target,” Childs explained. He added that while disabling IPv6 could mitigate the risk, it is enabled by default on nearly all systems.

As Microsoft and other organizations urge Windows users to promptly patch their systems to guard against potential attacks utilizing CVE-2024-38063, it is worth noting that this is not the first, nor will it be the last, Windows vulnerability that can be exploited through IPv6 packets. Over the past four years, Microsoft has addressed several other IPv6-related issues, including two TCP/IP vulnerabilities tracked as CVE-2020-16898/9 (commonly referred to as Ping of Death), which can be exploited for remote code execution (RCE) and denial of service (DoS) attacks via malicious ICMPv6 Router Advertisement packets.

Additionally, an IPv6 fragmentation bug (CVE-2021-24086) left all Windows versions susceptible to DoS attacks, while a DHCPv6 flaw (CVE-2023-28231) enabled potential RCE through specially crafted calls. Although widespread attacks exploiting these vulnerabilities have not yet occurred, users are strongly advised to apply this month’s Windows security updates without delay, given the heightened risk associated with CVE-2024-38063.

How to setup remote desktop windows 11 home?

Windows 11 Home edition does not support Remote Desktop for acting as a remote host. To access remote desktop features, you need to upgrade to Windows 11 Pro, Enterprise, or Education editions. However, you can use third-party applications such as AnyDesk, TeamViewer, or Chrome Remote Desktop to achieve similar functionality. Download and install one of these applications, follow their setup guides, and you'll be able to remotely access your Windows 11 Home PC.

How to crop a video on windows 10?

To crop a video on Windows 10, you can use the built-in Photos app or a third-party video editor. Using the Photos app, open the video, click on 'Edit & Create' > 'Create a video with text'. This opens a video editor where you can trim or split the video. To crop, you’ll need a third-party application like OpenShot or VLC. For OpenShot, import the video, drag it to the timeline, and use the crop effect to select the area you want to keep.
Update: 14 Aug 2024
Close All Windows

Close All Windows download for free to PC or mobile

4
556 reviews
3111 downloads

News and reviews about Close All Windows

Loading...