Once again, even after Microsoft’s patch day yesterday, you shouldn’t wait too long to install the updates. Because the Redmonders have plugged holes here that are quite tough and attacks are likely to come soon.
A security vulnerability that was entered in the registry under the ID CVE-2020-16898 is particularly worth mentioning . This is a vulnerability in the TCP / IP stack of the Windows operating system.
Due to the bug, ICMPv6 router advertisement packets, which are essentially responsible for error reports and diagnostics in IPv6, are handled incorrectly.
According to Microsoft, the vulnerability opens a path through which attackers can smuggle code deep into the system and execute it. The vulnerability is also not so complex to exploit that this would only be possible with great effort and great skill. It is therefore “very likely” that there will be attacks on this vulnerability soon.
Malware sure to arrive soon
In order to exploit the error, the attacker has to send a specially modified ICMPv6 packet to the targeted Windows system. This then makes it possible to smuggle in additional codes, which can then be executed with system rights. In essence, an attacker can basically bring the system completely under his control and abuse it for his own purposes.
For the broad mass of users, the greatest risk is likely to be that their computer will be infected by malware in the way described. Ransomware attacks are currently the most likely risk.
However, the integration of the computer into a botnet is also an assumed scenario. Accordingly, the vulnerability should be used as an opportunity not to take too long to install the latest patches. An analysis of the updates provided usually brings attackers very quickly to the point where the vulnerability is to be found.