Microsoft Addresses Windows TCP/IP RCE/DoS Vulnerability

10/14/2020 11:59 AM EDT

Original release date: October 14, 2020
Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s Security Advisory for more information, and apply the necessary updates or workaround.