CERT-In Issues Critical Alert on Windows IPv6 Security Vulnerabilities

Apps & Games / Desktop / Windows / CERT-In Issues Critical Alert on Windows IPv6 Security Vulnerabilities
25 Aug 2024

Visual and Emotional Appeal

This warning serves as a clarion call for Windows PC users to act swiftly. The potential for unauthorized code execution and privilege escalation is alarming, making it imperative for users to take proactive measures to protect their systems.

Key Moments

  • Vulnerability Classification: CERT-In has classified the security flaws as “Critical.”
  • Affected Systems: Windows PCs utilizing IPv6 connectivity, along with specific versions of Windows and Windows Server.

Security Flaws

  • Windows TCP/IP Remote Code Execution: This flaw allows for arbitrary code execution.
  • Windows Kernel Vulnerability: This permits privilege escalation.

Details About the Narrative

CERT-In's latest report highlights two critical vulnerabilities impacting Windows PCs. The first is a remote code execution flaw associated with the Windows TCP/IP stack, particularly affecting systems that utilize IPv6. Attackers can exploit this vulnerability by sending specially crafted IPv6 packets, which may lead to arbitrary code execution on the targeted system.

The second vulnerability resides within the Windows Kernel, allowing attackers to gain elevated privileges through a race condition. This flaw affects various versions of Windows and Windows Server, potentially enabling unauthorized access if successfully exploited. To mitigate these risks, the government body has recommended that users disable IPv6 if it is not essential and ensure they apply the latest updates from Microsoft. For the Windows Kernel vulnerability, users are advised to install the most recent security patch addressing the “CIVN-2024-0260” vulnerability.

Important Points

IPv6 Vulnerability

  • Affected Devices: Windows PCs connected to IPv6.
  • Cause: An integer underflow weakness leading to a buffer overflow.
  • Solution: Disable IPv6 if not needed; apply Microsoft updates by navigating to Settings → Software Update to install the latest update.

Windows Kernel Vulnerability

  • Affected Versions:
    • Windows 10: Versions 1607, 1809, 21H2, 22H2
    • Windows 11: Versions 21H2, 22H2, 23H2, 24H2
    • Windows Server: 2016, 2019, 2022 (including Server Core installations)
  • Cause: A race condition in the Windows Kernel.
  • Solution: Install the latest security patch for “CIVN-2024-0260.”
Update: 25 Aug 2024