The Indian Computer Emergency Response Team (CERT-In) has found a serious security flaw in Windows PCs and has issued a warning to Windows PC users. The security flaw found within the Windows PCs has been classified as “Critical” by CERT-In.
In addition to this, the government body has also found some security issues in Windows Kernal that can allow attackers to execute unauthorised attacks.
What CERT-In has to say
According to the CERT-In's report, all Windows PCs connected with IPv6 are affected by the Windows TCP/IP Remote Code Execution vulnerability. The report also mentions that scammers can exploit this vulnerability to execute arbitrary code on the targeted system.
As far as Windows Kernal security flaw is concerned, that security can also allow attackers to run arbitrary code on the system and even gain privilege access.
CERT-in has also said that attackers are exploiting the Windows Kernal security flaw in “wild”.
IPv6 vulnerability: Affected devices, why it exists and solution
It is important to note that not all Windows PCs are affected by this security flaw. Only PCs that are connected to IPv6 protocol are affected by this.
CERT-In has mentioned that the vulnerability in the Windows PCs exists due to an “Integer Underflow weakness that can lead to a buffer overflow. An unauthenticated attacker could exploit this by sending specially crafted IPv6 packets repeatedly to a Windows machine, potentially leading to remote code execution. If successfully exploited, this could allow the attacker to run arbitrary code on the affected system.”
The government body has advised users to disabling IPv6 if it is not needed and apply the appropriate updates as recommended by Microsoft. Install the latest update, head to Settings --> Software update and install the update.
Windows Kernal vulnerability: Affected PCs, why it exists and solution
Windows 10: Versions 1607, 1809, 21H2, 22H2
Windows 11: Versions 21H2, 22H2, 23H2, 24H2
Windows Server 2016 (including Server Core installation)
Windows Server 2019 (including Server Core installation)
Windows Server 2022 (including 23H2 Edition and Server Core installation)
This vulnerability exists in a component of the Windows Kernel and can be exploited through a race condition. If successfully exploited, it allows an attacker to gain elevated privileges on the targeted system.
CERT-In has advised users to install the latest security patch available for Windows that includes a fix for “CIVN-2024-0260" vulnerability.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
