Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled

"The worst is likely the bug in TCP/IP that would allow a remote, unauthenticated attacker to get elevated code execution just by sending specially crafted IPv6 packets to an affected target," Childs said.

"That means it's wormable. You can disable IPv6 to prevent this exploit, but IPv6 is enabled by default on just about everything."

https://www.bleepingcomputer.com/news/microsoft/zero-click-windows-tcp-ip-rce-impacts-all-systems-with-ipv6-enabled-patch-now/

@yoursunny

Comments

  • Petey_LongPetey_Long Member
    edited August 15

    I'm grateful someone here was able to get the info out quickly but to a layman, that post would mean nothing. If people aren't familiar with Microsoft security bulletins and don't know to look for the remedy section, not doing them a whole lot a good.

    This is an easily digestible article that anyone here could read and understand

    ✓ All versions of Windows with IPv6 capabilities are affected
    ✓ Takes no interaction from the potential victim - just a computer online, running windows and have IPv6 enabled
    ✓ If possible, run Windows update
    ✓ If you can't install this week's update, disable IPv6 as a precaution, however, this may cause some Windows components to stop working

    The most vulnerable and potential victims are people who aren't tech-savvy. Given the severity and easy exploitability of the flaw, it's in everyone's best interests to make it as easy as possible, for 1) People to realize they are vulnerable and 2) How to fix it

    Don't take your inherent genius for granted :)

    Thanked by 1Chuck
  • ...time to turn on my windows machine again and get the patches...

    Thanked by 1Chuck
  • mwmw Member

    where is @yoursunny

    Thanked by 1marcopolio
  • @mikewazar said:
    where is @yoursunny

    Become his own enemy by disable all ipv6 on the idlers

  • emghemgh Member, BF Ambassador
    edited August 15

    @kenjing789 said:

    @mikewazar said:
    where is @yoursunny

    Become his own enemy by disable all ipv6 on the idlers

    My favorite commands

    sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
    sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1
    sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=1
    
  • jsgjsg Member, Resident Benchmarker

    Must be a misunderstanding because as "everybody knows", both Windows and IPv6 are "the solution", not a problem.

  • kevindskevinds Member, LIR

    I think the worst part is that it affects all versions of Windows, many that will not get an update to fix..

  • @kevinds said:
    I think the worst part is that it affects all versions of Windows, many that will not get an update to fix..

    I mean. This can be fixed by just disabling IPv6 on the PC or on the network. Disable it ok the network for each PC or the whole network if you don't even need it.

  • kevindskevinds Member, LIR

    @Kevinf100 said:
    I mean. This can be fixed by just disabling IPv6 on the PC or on the network. Disable it ok the network for each PC or the whole network if you don't even need it.

    Yes...? Some of us do use it.

  • Thanks for this. I'd missed it and just got my Windows updates done. This post might have got more attention if the title was something like "Update your Windows VPS now!" becuase I suspect many people who needed to get the message will have missed it and this is a nasty one, (low complexity and potentially wormable) 😲

    Thanked by 1emgh
Sign In or Register to comment.