Critical Windows security vulnerability allows attackers full control over IPv6 in CVE-2024-38063 threat - apply August patches now

王林
Release: 2024-08-16 09:39:03
Original
553 people have browsed it

Critical Windows security vulnerability allows attackers full control over IPv6 in CVE-2024-38063 threat - apply August patches now

Microsoft has provided details on a critical Windows security vulnerability that allows hackers full remote code execution over IPv6, as detailed in the MSRC CVE-2024-38063 guidance. This allows attackers to run anything they wish to steal information and data, monitor users, and cause havoc. Users of affected Windows OSs should apply the August patches immediately or disable IPv6 in the network card device manager.

The zero-click attack has a Common Vulnerability Scoring System (CVSS 3.1) rating of 9.8, an extremely critical security vulnerability, because attackers do not require user accounts and passwords of target computers. The attackers also do not require any user action for the breach to occur.

Microsoft has not fully disclosed the details of this vulnerability, first reported by Cyber KunLun, due to the ease with which hackers can use this information to create hacking tools. However, the company did note that the vulnerability exists due to poorly written code that allows an integer underflow condition to occur, opening the door to attacks.

Affected Windows OSs include Windows Server 2008 through 2022, Windows 10, and Windows 11 32-bit and 64-bit versions. A comprehensive list of affected Windows OSs along with links to the appropriate August 2024 patches is published in the MSRC CVE-2024-38063 guidance.

All Windows users should immediately install the August 2024 security patch or disable IPv6.

Critical Windows security vulnerability allows attackers full control over IPv6 in CVE-2024-38063 threat - apply August patches now

The above is the detailed content of Critical Windows security vulnerability allows attackers full control over IPv6 in CVE-2024-38063 threat - apply August patches now. For more information, please follow other related articles on the PHP Chinese website!

source:notebookcheck.net
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!