Source: Ascannio via Alamy Stock Photo

A security researcher named "Ynwarcs" has published analysis of a proof-of-concept exploit code for a critical zero-click vulnerability in Windows TCP/IP.

The vulnerability is tracked as CVE-2024-38063, and is a remote code execution flaw that affects all Windows systems that have IPv6 enabled.

Originally discovered by XiaoWei of Kunlun Lab, CVE-2024-38063 can be exploited by threat actors on Windows 10, Windows 11, and Windows Server systems, requiring no user interaction. 

Ynwarcs has released a PoC exploit code for the flaw, which is now available on GitHub and for developers and researchers to study, but this also makes it more likely that bad actors will take advantage of the vulnerability.

Microsoft has encouraged users to apply the latest security updates available as soon as possible to mitigate the potential threats of the flaw. Organizations running Windows systems IPv6 should apply patches immediately and monitor any unusual IPv6 packet activity.