Описание
Windows TCP/IP Denial of Service Vulnerability
A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could cause a target system to stop responding.
To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly.
The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.
Обходное решение
The following workaround may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as they become available even if you plan to leave this workaround in place:
Disable ICMPv6 RDNSS.
You can disable ICMPv6 RDNSS, to prevent attackers from exploiting the vulnerability, with the following PowerShell command. This workaround is only available for Windows 1709 and above. See What's new in Windows Server 1709 for more information.
netsh int ipv6 set int INTERFACENUMBER rabaseddnsconfig=disable
Note: No reboot is needed after making the change.
Impact of Workaround
The workaround disables RA-based DNS configuration. It is an alternative in networks where an IPv6 host's address is auto-configured through IPv6 stateless address auto-configuration where there is either no DHCPv6 infrastructure at all or some hosts do not have a DHCPv6 client. Windows still supports DHCPv6 and it takes precedence over 6106-based configuration.
Before applying the workaround, customers need to consult with their IT admin to confirm that their network infrastructure doesn't rely on RA-based DNS configuration. Refer to RFC 8106 for further detail.
How to undo the workaround
You can disable the workaround with the following PowerShell:
netsh int ipv6 set int INTERFACENUMBER rabaseddnsconfig=enable
Note: No reboot is needed after disabling the workaround.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows 10 Version 1709 for 32-bit Systems | ||
| Windows 10 Version 1709 for x64-based Systems | ||
| Windows 10 Version 1803 for 32-bit Systems | ||
| Windows 10 Version 1803 for x64-based Systems | ||
| Windows 10 Version 1803 for ARM64-based Systems | ||
| Windows 10 Version 1809 for 32-bit Systems | ||
| Windows 10 Version 1809 for x64-based Systems | ||
| Windows 10 Version 1809 for ARM64-based Systems | ||
| Windows Server 2019 | ||
| Windows Server 2019 (Server Core installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
7.5 High
CVSS3
Связанные уязвимости
<p>A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could cause a target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly.</p> <p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>
A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Denial of Service Vulnerability'.
Уязвимость реализации стека протоколов TCP/IP операционной системы Windows, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3