PANews reported on August 14 that a serious security vulnerability was recently exposed in the Windows system, numbered CVE-2024-38063, affecting all supported Windows versions, including Windows 11, Windows 10, and multiple versions of Windows Server. The CVSS 3.1 score of this vulnerability is 9.8, which is classified as "important". Attackers can remotely invade devices and execute arbitrary code through specially crafted IPv6 packets without user interaction or authentication.

This vulnerability exists in the TCP/IP network stack of Windows and is a serious remote code execution vulnerability. An attacker can repeatedly send specially crafted IPv6 packets to trigger the vulnerability and remotely execute code. Microsoft is releasing a patch to fix this vulnerability and recommends users to update to the latest version as soon as possible. In addition, disabling IPv6 can temporarily prevent the vulnerability from being exploited.