Important Distant Code Execution Vulnerability Found in Home windows 11’s TCP/IP Protocol: What You Must Know

On August 13, Microsoft introduced a distant code execution vulnerability (CVE-2024-38063) within the Home windows TCP/IP protocol. Affected methods embrace:

Home windows 11, model 24H2

The vulnerability may permit distant code execution by an unauthenticated attacker who repeatedly sends specifically crafted IPv6 packets to a Home windows pc. The vulnerability has a low assault complexity, no privilege degree required, no consumer interplay, and has a most severity score of Important.

Please notice that Home windows 11, model 24H2, whereas not but usually accessible, is putting in on the brand new Copilot+ gadgets at present accessible to the general public.

The vulnerability has been fastened within the August 2024 safety replace, however you have to to put in the replace if you don’t obtain automated updates.

As a mitigation measure, Microsoft has introduced that if IPv6 is disabled on the goal pc, the system won’t be affected.