August 27, 2024 at 05:06PM
Security researcher “Ynwarcs” has disclosed a zero-click vulnerability in Windows TCP/IP, tracked as CVE-2024-38063, that allows remote code execution on systems with IPv6 enabled. The flaw affects Windows 10, Windows 11, and Windows Server, and proof-of-concept exploit code is available on GitHub. Users are urged to apply Microsoft’s latest security updates promptly.
Meeting Notes Summary:
– Security researcher “Ynwarcs” published analysis of a critical zero-click vulnerability in Windows TCP/IP.
– The vulnerability, tracked as CVE-2024-38063, is a remote code execution flaw affecting Windows systems with IPv6 enabled.
– Originally discovered by XiaoWei of Kunlun Lab, CVE-2024-38063 can be exploited on Windows 10, Windows 11, and Windows Server systems with no user interaction.
– Ynwarcs released PoC exploit code for the flaw, available on GitHub, increasing the risk of exploitation by threat actors.
– Microsoft advises users to apply the latest security updates as soon as possible to mitigate potential threats. Organizations running Windows systems with IPv6 enabled should apply patches immediately and monitor for unusual IPv6 packet activity.