According to TechFlow, on August 14, Microsoft officially disclosed that a serious security vulnerability numbered CVE-2024-38063 was exposed in the Windows system, affecting all supported Windows versions, including Windows 11, Windows 10, and multiple versions of Windows Server. The CVSS3.1 score of this vulnerability is as high as 9.8, which is classified as "important". Attackers can remotely invade the device through specially crafted IPv6 packets and execute arbitrary code without user interaction or authentication.
The vulnerability exists in the TCP/IP network stack of Windows. Microsoft strongly recommends that users update to the latest Windows version as soon as possible and is releasing a patch to fix this vulnerability. Disabling IPv6 is a temporary measure to prevent the vulnerability from being exploited.
