Windows Security Alert: CVE-2024–38063 Vulnerability Exposed

Microsoft discloses another vulnerability this year, which is identified as CVE-2024–38063 allowing an unauthenticated attacker to send malicious Ipv6 packet to a windows machine which could enable Remote code execution.

CVE-2024–38063 is a type of vulnerability that allows attacker to send specially crafted packet to a windows system that’s using Ipv6 address, these crafted packets can then cause a buffer overflow which eventually lead to remote code execution into the system like Windows 10 , Windows 11 & server systems.

However Microsoft has also provided a mitigation for CVE-2024–38063 below is what you can do in order to mitigate and path the attack vector.

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:

Systems are not affected if IPv6 is disabled on the target machine.

“ DISABLE IPV6 from NETWORK CONFIG 😉 “

The Exploitability Index by Microsoft that define the severity of a vulnerabilities disclosed my MS says its “ Exploitation More Likely” i.e exploit code could be created in such a way that an attacker could…