Among the ~100 security fixes Microsoft released this month is a patch for a critical vulnerability that a researcher alerted users about. Specifically, Microsoft patched a zero-click TCP/IP flaw that could allow unauthenticated remote code execution attacks.
Researcher Alerts Microsoft Users About The Zero-Click TCP/IP RCE Flaw
Security researcher XiaoWei from Kunlun Lab recently highlighted a serious security vulnerability that Microsoft has just patched.
As mentioned in Wei’s X post, a remote code execution vulnerability affected the TCP/IP module in Windows systems. The vulnerability caught the researcher’s attention ‘several months ago’, after which Wei responsibly disclosed the flaw to Microsoft.
Following Wei’s report, Microsoft addressed the vulnerability, releasing the patch with the August 2024 Patch Tuesday updates.
While this Patch Tuesday is already important for users, considering it addressed ten zero-days, the patch for nine critical vulnerabilities, including this TCP/IP flaw, makes it even more important for them to apply the updates immediately.
Microsoft identified this vulnerability as CVE-2024-38063, which received a critical severity rating and a CVSS score of 9.8. Describing this vulnerability, Microsoft’s advisory reads,
An unauthenticated attacker could repeatedly send IPv6 packets, that include specially crafted packets, to a Windows machine which could enable remote code execution.
From the description, it’s clear that the vulnerability typically targets IPv6-enabled systems. It’s a serious matter, given that IPv6 comes enabled by default in the latest Windows 11. That means this security issue predominantly threatens the latest Windows systems, while the older systems with unsupported or disabled IPv6 remained unaffected.
How To Check/Enable/Disable IPv6 On Windows (10/11)
Although Microsoft doesn’t recommend disabling IPv6, users must know that IPv6 isn’t generally supported yet, particularly for older devices.
Hence, while an active IPv6 might be useful in some cases, it’s safe to disable IPv6 on systems in other situations, such as when using a VPN that doesn’t support IPv6, or to prevent exploitation of vulnerabilities like CVE-2024-38063.
Windows 10 and 11 users may follow this path to check IPv6 status on their device: Control Panel > Network and Internet > Network Connections. Then, right-click on the active network connection icon and go to ‘Properties.’ Next, check or uncheck the “Internet Protocol Version 6 (TCP/IPv6)” option to enable or disable IPv6.
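The same check and toggle can be scripted with PowerShell's built-in NetAdapter cmdlets, which is useful when more than one adapter or machine is involved. This is an added example, not part of the original article; the function names Get-IPv6BindingStatus and Set-IPv6Binding and the sample adapter name 'Ethernet' are hypothetical.

```powershell
# Added example: audit and optionally change the IPv6 binding per network adapter.
# Run from an elevated PowerShell session; changing bindings needs administrator rights.

function Get-IPv6BindingStatus {
    # ms_tcpip6 is the component ID of "Internet Protocol Version 6 (TCP/IPv6)",
    # the same item shown as a checkbox in the adapter's Properties dialog.
    Get-NetAdapterBinding -ComponentID ms_tcpip6 | ForEach-Object {
        $adapter = Get-NetAdapter -Name $_.Name -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Adapter     = $_.Name
            Status      = $adapter.Status
            IPv6Enabled = $_.Enabled
        }
    }
}

function Set-IPv6Binding {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string[]]$AdapterName,
        [Parameter(Mandatory)][bool]$Enabled
    )
    foreach ($name in $AdapterName) {
        # ShouldProcess makes -WhatIf and -Confirm work for this function.
        if ($PSCmdlet.ShouldProcess($name, "Set IPv6 binding to $Enabled")) {
            if ($Enabled) {
                Enable-NetAdapterBinding -Name $name -ComponentID ms_tcpip6
            } else {
                Disable-NetAdapterBinding -Name $name -ComponentID ms_tcpip6
            }
        }
    }
}

# 1. Check: list every adapter and whether IPv6 is bound to it.
Get-IPv6BindingStatus | Format-Table -AutoSize

# 2. Disable: preview the change on adapters that are up and still have IPv6 bound.
#    Remove -WhatIf to apply it.
$up = Get-IPv6BindingStatus | Where-Object { $_.Status -eq 'Up' -and $_.IPv6Enabled }
if ($up) { Set-IPv6Binding -AdapterName $up.Adapter -Enabled $false -WhatIf }

# 3. Enable again later ('Ethernet' is a sample adapter name, replace with your own):
# Set-IPv6Binding -AdapterName 'Ethernet' -Enabled $true
```

Unbinding IPv6 this way is equivalent to unchecking the box per adapter; it does not affect the loopback or tunnel interfaces.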