
Progress in exploitation of Remote Code Execution – Windows TCP/IP IPv6 (CVE-2024-38063). The vulnerability is from the August Patch Tuesday. 2 weeks ago I already wrote why it is potentially dangerous. Now the danger has increased significantly:
On August 24, a PoC of the exploit appeared on GitHub. There is a video showing the launch of a small Python script (39 lines) that causes Windows to crash with the error “KERNEL SECURITY CHECK FAILURE”. It looks more like DoS than RCE. But this is only for now.
Well-known researcher Marcus Hutchins published a blog post titled “CVE-2024-38063 – Remotely Exploiting The Kernel Via IPv6”. It describes the technical details of exploiting the vulnerability.
The probability that the vulnerability will be exploited in the wild has increased significantly.
Check whether the vulnerability is patched, and raise the priority of the fix if it is not.

Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
And I invite all Russian speakers to one more Telegram channel, @avleonovrus; I now write there first.