Skip to content

Commit e0d8eb6

Browse files
0xKrat0s0xKrat0s
committed
Posts
1 parent a27c97b commit e0d8eb6

File tree

1 file changed

+2
-11
lines changed

1 file changed

+2
-11
lines changed

_posts/2024-08-28-CVE-2024-38063.md

Lines changed: 2 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ Discovered by [XiaoWei](https://x.com/XiaoWei___) from Kunlun Lab, the flaw is c
1414
## Vulnerability Details
1515

1616
```
17-
- Severity: Critical (CVSS score: 9.8)
17+
- Severity: Critical (CVSS score: 9.8)
1818
- Impact: Remote code execution
1919
- Exploitability: High, with potential for rapid weaponization
2020
- Affected Systems: All Windows systems with IPv6 enabled
@@ -32,22 +32,17 @@ While Microsoft has released a patch to address this vulnerability, organization
3232

3333
One way is to manipulate the Windows Registry. Running this PowerShell command will show us our current IPv6 settings:
3434

35-
```PowerShell
35+
```ts:PowerShell
3636
Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\
3737
```
3838

3939
This command displays the existing IPv6 configuration, including whether it's enabled or disabled.
4040

41-
![Github Traffic](/images/CVE-2024-38063/IPV6-1.png)*IPV6 Configuration*
42-
4341
```ts:PowerShell
4442
Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters -Name "DisabledComponents" -Value 0xFF -Type DWord
4543
```
4644

4745
This command sets the DisabledComponents value to 255, effectively disabling IPv6.
48-
49-
![Github Traffic](/images/CVE-2024-38063/IPV6-2.png)*Disable IPV6*
50-
5146
Alternatively, we can disable IPv6 protocol binding for all network adapters on the system, as X(Former Twitter) user [biffbiffbiff](https://x.com/biffbiffbiff/status/1823676176562290734) points out.
5247

5348
## Should You Disable IPv6?
@@ -64,16 +59,12 @@ If you have disabled IPv6 and now wish to re-enable it, you can do so with the f
6459
Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters -Name "DisabledComponents" -Value 0x00 -Type DWord
6560
```
6661

67-
![Github Traffic](/images/CVE-2024-38063/IPV6-3.png)*Restore the DisabledComponents registry value*
68-
6962
To re-enable IPv6 on our Network Adapters, we will run the PowerShell command:
7063

7164
```PowerShell
7265
Get-NetAdapter | ForEach { Enable-NetAdapterBinding -InterfaceAlias $_.Name -ComponentID ms_tcpip6 }
7366
```
7467

75-
![Github Traffic](/images/CVE-2024-38063/IPV6-4.png)*Enable IPV6*
76-
7768
## Recommendations
7869

7970
- Apply the Patch: Prioritize the installation of the official patch released by Microsoft as soon as possible.

0 commit comments

Comments
 (0)