Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-38149: Windows TCP/IP Denial of Service Vulnerability

The following workaround may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as they become available even if you plan to leave this workaround in place:

Disable router discovery on IPv6 interface.

You can disable router discovery on the IPv6 interface to prevent attackers from exploiting the vulnerability, with the following PowerShell command:

  • Set-NetIPInterface -InterfaceIndex [interface_index] -RouterDiscovery Disabled

You can disable router discovery on the IPv6 interface to prevent attackers from exploiting the vulnerability, with the following Network Shell (netsh) command:

  • netsh interface ipv6 set interface [interface_name] routerdiscovery=disabled

Please refer to the workaround section of this security bulletin for more information: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-006

Note:

No reboot is needed after making the change.

Microsoft Security Response Center
Open in Source
#vulnerability#windows#microsoft#dos#Windows TCP/IP#Security Vulnerability

Microsoft Security Response Center: Latest News

CVE-2024-11395: Chromium: CVE-2024-11395 Type Confusion in V8
Microsoft Security Response Center