We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

IPv6 packets

PoCcode released for zero-click Windows critical vuln
Winsage
August 29, 2024

PoCcode released for zero-click Windows critical vuln

A critical vulnerability in Windows, designated CVE-2024-38063, has been identified with a CVSS score of 9.8, allowing unauthenticated attackers to execute code remotely on unpatched machines via specially crafted IPv6 packets. All versions of Windows 10, Windows 11, and Windows Server are affected. A temporary workaround is to disable IPv6 and revert to IPv4. Microsoft released a patch for this vulnerability on August 13, but system administrators often delay patch installations, leading to exploitation opportunities. A developer has released proof-of-concept code for the vulnerability. Marcus Hutchins noted the rapid identification of the flaw, which stemmed from a single change in the driver file. Users are urged to patch their systems promptly to mitigate risks.
CERT-In Issues Critical Warnings for Windows PCs: IPv6 and Kernel Vulnerabilities Explained - PUNE.NEWS
Winsage
August 25, 2024

CERT-In Issues Critical Warnings for Windows PCs: IPv6 and Kernel Vulnerabilities Explained – PUNE.NEWS

The Indian Computer Emergency Response Team (CERT-In) has issued a critical security alert regarding vulnerabilities in Windows PCs, classified as "Critical." The vulnerabilities affect Windows PCs using IPv6 connectivity and include: 1. Windows TCP/IP Remote Code Execution Vulnerability: This flaw allows arbitrary code execution through specially crafted IPv6 packets. 2. Windows Kernel Vulnerability: This flaw permits privilege escalation via a race condition. Affected systems include: - Windows 10: Versions 1607, 1809, 21H2, 22H2 - Windows 11: Versions 21H2, 22H2, 23H2, 24H2 - Windows Server: 2016, 2019, 2022 (including Server Core installations) To mitigate these risks, users are advised to: - Disable IPv6 if not necessary and apply the latest Microsoft updates. - Install the latest security patch for the Windows Kernel vulnerability identified as “CIVN-2024-0260.”
Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now
Winsage
August 14, 2024

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now

Microsoft has issued a warning about a critical TCP/IP remote code execution vulnerability, tracked as CVE-2024-38063, affecting all Windows systems using IPv6. Discovered by Kunlun Lab's XiaoWei, the vulnerability arises from an Integer Underflow weakness that could allow attackers to exploit buffer overflows and execute arbitrary code on systems, including Windows 10, Windows 11, and Windows Server. Unauthenticated attackers can exploit this flaw by sending specially crafted IPv6 packets, and Microsoft has labeled it with an "exploitation more likely" tag. The company advises customers to prioritize implementing the security update and suggests disabling IPv6 temporarily as a mitigation measure, while cautioning against completely turning it off. The vulnerability has been classified as wormable, and it is part of a history of similar IPv6-related vulnerabilities addressed by Microsoft over the past four years. Users are urged to apply the latest Windows security updates promptly due to the increased risk associated with this vulnerability.
Critical 0-Click RCE in Windows TCP/IP Stack Impacts All Systems
Winsage
August 14, 2024

Critical 0-Click RCE in Windows TCP/IP Stack Impacts All Systems

Microsoft has issued a security update for a critical remote code execution vulnerability in the Windows TCP/IP stack, designated as CVE-2024-38063. This vulnerability affects all supported versions of Windows and Windows Server, including Server Core installations, and has a maximum severity rating of Critical with a CVSSv3 score of 9.8. Key characteristics of CVE-2024-38063 include: - Exploitation can occur remotely via specially crafted IPv6 packets. - It is a “0-click” vulnerability, requiring no user interaction. - Exploitation is only possible through IPv6 packets. - Microsoft has classified the likelihood of exploitation as “Exploitation More Likely.” Successful exploitation allows an attacker to execute arbitrary code on the affected system with SYSTEM privileges. Microsoft advises organizations to apply the latest security updates immediately, consider disabling IPv6 if not needed, and monitor for suspicious IPv6 traffic. Additionally, Microsoft has addressed six active Zero-Day vulnerabilities. The new Copilot+ devices come pre-installed with Windows 11, version 24H2, and customers should ensure updates are installed. The general availability date for Windows 11, version 24H2 is expected later this year.
Search