PoC Exploit for Zero-Click Vulnerability Made Available to the Masses

August 27, 2024 at 05:06PM Security researcher “Ynwarcs” has disclosed a zero-click vulnerability in Windows TCP/IP, known as CVE-2024-38063, allowing remote code execution on systems with IPv6 enabled. The exploit affects Windows 10, 11, and Server, with an available proof-of-concept on GitHub. Users are urged to apply Microsoft’s latest security updates promptly. Meeting Notes Summary: … Read more

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw

August 15, 2024 at 12:51PM Security experts are urging Windows sysadmins to quickly patch a serious pre-auth remote code execution vulnerability in the Windows TCP/IP stack, with potential for zero-click exploitation. Tracked as CVE-2024-38063, the bug poses a critical risk, prompting Microsoft to issue a severity score of 9.8/10. Additionally, several other zero-days are being … Read more