PoC Exploit for Zero-Click Vulnerability Made Available to the Masses
A security researcher known as "Ynwarcs" has released proof-of-concept (PoC) exploit code for a critical zero-click vulnerability in Windows TCP/IP, identified as CVE-2024-38063. This vulnerability, discovered by XiaoWei of Kunlun Lab, is a remote code execution flaw that impacts all Windows systems with IPv6 enabled, including Windows 10, Windows 11, and Windows Server systems. The exploit requires no user interaction to be executed. The PoC code is now accessible on GitHub, increasing the likelihood of exploitation by malicious actors. Microsoft has advised users to promptly apply the latest security updates to mitigate the risks associated with this vulnerability, emphasizing the importance of patching systems running IPv6 and monitoring for unusual IPv6 packet activity to protect against potential threats.

CVEs: CVE-2024-38063

[View Article](https://www.darkreading.com/vulnerabilities-threats/poc-exploit-for-zero-click-vulnerability-made-available-to-the-masses)