{"id":167117,"date":"2024-08-16T07:10:42","date_gmt":"2024-08-16T07:10:42","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=167117"},"modified":"2024-08-16T07:10:44","modified_gmt":"2024-08-16T07:10:44","slug":"windows-rce-tcp-ip","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/167117\/hacking\/windows-rce-tcp-ip.html","title":{"rendered":"Microsoft urges customers to fix zero-click Windows RCE in the TCP\/IP stack<\/gwmw>"},"content":{"rendered":"
<\/div>\n

Microsoft addressed a critical zero-click Windows remote code execution (RCE) in the TCP\/IP stack that impacts all systems with IPv6 enabled.<\/h2>\n\n\n\n

Microsoft urges customers to fix a critical TCP\/IP remote code execution (RCE) flaw, tracked as\u00a0CVE-2024-38063<\/a> (CVSS score 9.8), in the TCP\/IP stack. The vulnerability impacts all systems with IPv6 enabled (IPv6 is enabled by default).<\/p>\n\n\n\n

An unauthenticated attacker can exploit the flaw by repeatedly sending IPv6 packets, including specially crafted packets, to a Windows machine which could lead to remote code execution.<\/p>\n\n\n\n

Microsoft confirmed that a threat actor can exploit this flaw in a low-complexity attack and its exploitability assessment labels the issue as “exploitation more likely.” This label suggests that Microsoft is aware of past instances of this type of vulnerability being exploited.<\/p>\n\n\n\n

Kunlun Lab’s\u00a0XiaoWei<\/a>\u00a0discovered the flaw several months ago, he urged customers to apply the patches because the “exploitation is more likely.” <\/p>\n\n\n\n

\n

MSRC fixed a RCE bug in TCPIP module.
I found the bug several months ago.
Its score is 9.8 and exploitation is more likely. Please apply the patch immediately.
pic.twitter.com\/bdjBLgoaYv<\/a><\/p>— wei (@XiaoWei___) August 14, 2024<\/a><\/blockquote>