According to BlockBeats, on August 14, Microsoft officially disclosed that a serious security vulnerability was recently exposed in the Windows system, numbered CVE-2024-38063, which affects all supported versions of Windows, including Windows 11, Windows 10, and multiple versions of Windows Server. The CVSS3.1 score of the vulnerability is 9.8, which is "important". Attackers can remotely invade devices through specially crafted IPv6 packets and execute arbitrary code. The vulnerability exists in the TCP/IP network stack of Windows and is a serious remote code execution vulnerability. An attacker can trigger the vulnerability and remotely execute code by repeatedly sending specially crafted IPv6 packets to Windows devices without user interaction or authentication.
Microsoft strongly recommends that all users update to the latest Windows version as soon as possible. Microsoft is releasing a patch to fix this vulnerability. Disabling IPv6 can temporarily prevent the vulnerability from being exploited.
