A critical security vulnerability has been discovered in the Windows TCP/IP stack, which is expected to be rapidly exploited. This vulnerability affects all known Windows Operating Systems with IPv6 enabled. The attack is relatively simple and can cause a system crash or, in the worst case, allow an attacker to take control of the system remotely.
One security analyst mentioned that the only reason this vulnerability isn't rated a 10 out of 10 is because IPv6 is not yet fully implemented in most places. However, by default, Windows has IPv6 enabled, putting every Windows OS at risk. Some researchers have already successfully recreated the attack, even without public proof of concept code. It's only a matter of time before this exploit is used in the wild.
How We Are Addressing This for Our Clients
For our clients, we are rolling out all appropriate security updates during your patch window. Our team will then identify any devices that did not receive those updates and escalate them to your support team. Your support team will then manually update those devices to ensure they are protected.
Not a Client?
If you aren’t a current client but have questions, please reach out, and we will do what we can to walk you through what you need to know, or what you need to ask your IT team about in order to keep your organization safe and secure.