Critical Windows IPv6 RCE Vulnerability (CVE‑2024‑38063): Risks & Fixes
A high‑severity Windows TCP/IP IPv6 vulnerability (CVE‑2024‑38063) allows unauthenticated remote attackers to trigger denial‑of‑service or execute arbitrary code on millions of systems, and Microsoft recommends immediate patching or temporary IPv6 disabling as mitigation.
Vulnerability Overview
Name: Windows TCP/IP IPv6 Remote DoS/Code Execution Vulnerability
ID: CVE-2024-38063
Published: 2024-08-13
Severity: High (CVSS 3.1 score 9.8)
Threat Types: Denial of Service, Remote Code Execution
Exploitability: High (no public PoC, no wild exploitation observed)
Description: An unauthenticated remote attacker can send specially crafted IPv6 packets to Windows machines, causing denial‑of‑service or arbitrary code execution. The flaw resides in the TCP/IP stack’s handling of IPv6 packets and affects all supported Windows versions, including Windows 11, Windows 10, and various Windows Server releases.
Affected Versions
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit SystemsMitigation and Fixes
Microsoft has released security patches; apply the latest updates immediately. As a temporary mitigation, disable IPv6 on affected systems.
Open Network and Sharing Center → Change adapter settings → Properties.
Uncheck “Internet Protocol Version 6 (TCP/IPv6)”.
Restart the network adapter or reboot the computer.
After patching, you can verify IPv6 is disabled (if desired) by opening a command prompt and running ipconfig; ensure no IPv6 address appears.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Open Source Linux
Focused on sharing Linux/Unix content, covering fundamentals, system development, network programming, automation/operations, cloud computing, and related professional knowledge.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.