The CVE-2024-38063 vulnerability has a critical CVSS score of 9.8, allowing unauthenticated remote code execution on unpatched Windows systems via designed IPv6 packets.
Despite Microsoft announcing a fix on August 13, many Windows users hesitate to implement patches due to concerns over potential problems, leading to vulnerabilities being exploited.
The exploit was created by Ynwarcs, who provided instructions to reproduce the vulnerability, emphasizing that the exploitation can entail tricky conditions for successful execution.
Marcus Hutchins highlighted the ongoing risk of 'Exploit Wednesday', where attackers capitalize on recently announced vulnerabilities that have not yet been patched by users.
[
Collection
]
[
|
...
]