All Windows users should immediately update their computers. An exploit rated 9.8/10 (CVE-2024-38063) compromises all devices running Windows with an IPv6 address.
All Windows users should immediately update their computers. An exploit rated 9.8/10 (CVE-2024-38063) compromises all devices running Windows with an IPv6 address.
If you have the August 13, 2024—KB5041580 update. You're good.
You're viewing a single thread.
"Compromises all devices running .... an IPv6 address."
Oh so no one is effected. (other then network nerds, and they are not real)
IPV6 is already rolled out in parts of the world. My provider has a Dual Stack lite architecture, the home connection is over IPV6, IPV4 is normally being tunneled via V6 through a provider grade NAT.
As I AM a network nerd, I pay for a dedicated IPV4 address every month, so I can reach my stuff from outside from old IPV4 only networks.
So when I plug in my router, connect a windows machine and just google stuff then all this traffic will be IPV6 without me configuring anything.
It's so great fun having the attack surface being doubled by dual stack setups.
Why not instead use the money to pay for a domain name and use a router with a dynamic DNS daemon?
Because behind the carrier grade NAT I don't get a routable IPV4 at all, so no inbound connections.
With the IPV4 I use I do use dyndns now, so I can resolve it from outside.
Some ISPs have basically destroyed their segment of the Internet, turning it into a cable tv network.
they certainly don't run windows.
IPv6 is enabled by default on windows.
EDIT Here's how to disable it. If you can't on your modem/router. Open the network menu from the icon in bottom right of screen > right click on the network you are connected to and click "status" > In the popup click on the "Properties" button > You'll get another popup with the name of your network adapter in a top line/box and a secondary box with a list of things in it > Look for the entry "Internet Protocol Version 6 (TCP/IPv6)" and uncheck the box in front of it > click OK.
I've just queried it my IP is V4 so presumably I'm fine.
you can have both addresses at the same time - this site shows both if you have them: https://whatismyipaddress.com/
Or, just type
ping -6 google.comfrom a command prompt. It won't work if you don't have ipv6.
Depending on your ISP and network setup, you could very well have both v4 and v6 addresses.
Looking at the IP logs of the users on a website of mine shows that many people are already using IPv6 alongside IPv4. Some ISPs even don't use IPv4 anymore unless you pay extra (Germany/Austria)
Unfortunately (or fortunately, it depends on how you see it), some providers are already on IPv6. My Italian ISP has IPv6 with CGNAT, so all its users are on IPv6 without even knowing what it is.
Dang Italian network nerds! That will teach them for believing in a better tech future.