Advanced

Windows TCP/IP Remote Code Execution Vulnerability: What You Should Know

CVE-2024-38063 is a critical (CVSS 9.8), zero-click, wormable remote code execution vulnerability in the IPv6 implementation of the Windows TCP/IP stack (tcpip.sys), patched during Micros...

In August 2024, Microsoft's monthly Patch Tuesday release addressed a total of 90 vulnerabilities, nine of which were categorized as zero-days and eight of which were rated critical. Among these, one vulnerability stood out significantly from the rest: CVE-2024-38063, a flaw in the IPv6 implementation of the Windows TCP/IP stack.

What makes this vulnerability especially dangerous is that it is a zero-click, wormable remote code execution vulnerability. An attacker can remotely execute arbitrary code on an affected system without any user interaction whatsoever — no phishing click, no malicious attachment, no social engineering required. Simply having a vulnerable, network-reachable system is enough for an attacker to potentially achieve full system compromise, unauthorized data access, and exposure of sensitive information.

The vulnerability affects any Windows version that supports IPv6 and is still receiving security updates from Microsoft — in practice, this means essentially every currently supported version of Windows, since IPv6 support is built into the modern Windows networking stack and is enabled by default.

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

3 sections
  1. 1 Table of Contents
  2. 2 Module 1: The Windows TCP/IP IPv6 Remote Code Execution Vulnerability (CVE-2024-38063)
  3. 3 Summary

More Vulnerability Briefings courses

View all 30

Interested in this course?

Contact us to book it or get a custom training plan for your team.