According to PANews, a severe security vulnerability identified as CVE-2024-38063 has been discovered in Windows systems. This flaw affects all supported versions of Windows, including Windows 11, Windows 10, and multiple versions of Windows Server. The vulnerability has received a CVSS 3.1 score of 9.8, categorizing it as 'critical.' Attackers can exploit this vulnerability through specially crafted IPv6 packets to remotely infiltrate devices and execute arbitrary code without requiring user interaction or authentication.
The vulnerability resides in the TCP/IP network stack of Windows, making it a serious remote code execution flaw. Attackers can repeatedly send specially crafted IPv6 packets to trigger the vulnerability and execute code remotely. Microsoft is actively releasing patches to address this issue, and users are strongly advised to update to the latest version as soon as possible. Additionally, disabling IPv6 can temporarily prevent the exploitation of this vulnerability.