Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Update Windows now, there are some worrying security hacks on the way

Windows 11 logo in front of the new wallpapers.

If you haven’t installed the security patches for Windows in the latest Patch Tuesday cumulative update, you should probably hurry, as experts have released a proof-of-concept (PoC) for a critical severity flaw allowing crooks to mount remote code execution (RCE) attacks.

The vulnerability in question, which was addressed in the latest update, released on August 13, is tracked as CVE-2024-38063, and has a severity score of 9.8 (critical).

It is described as a Windows TCP/IP RCE flaw, in which an unauthenticated user could spam specially crafted IPv6 packets until they discover a vulnerable endpoint.

Patching the flaw

The only workaround is to disable IPv6 and just use IPv4 which, as you might imagine, isn’t ideal for many users. At the time the bug was discovered, Microsoft said that Windows 10, 11, and Server versions were vulnerable, but that no one abused it yet. Still, given the severity of the flaw and the ease at which it might be exploited, Microsoft said it was “more likely” that it would start happening sooner or later. Now we know it was sooner, rather than later.

A white-hat hacker alias Ynwarcs released a PoC, saying “the easiest way to reproduce the vuln is by using bcdedit /set debug on on the target system and restarting the machine/VM”.

"This makes the default network adapter driver kdnic.sys, which is very happy to coalesce packets. If you're trying to reproduce the vuln on a different setup, you'll need to get the system in a position where it will coalesce the packets you sent."

Stalling with patches (or outright ignoring them) is one of the bigger causes of many cyberattacks and data breaches. Sometimes it’s justified, as patches were known to break entire systems and cause havoc (just remember the snafu from the faulty CrowdStrike update recently). In this case, since the patch was not reported to be causing any major issues, installing it is very much advised.

Via The Register

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.