Alert

Microsoft Addresses Windows TCP/IP RCE/DoS Vulnerability

Last Revised

Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition.

 

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s Security Advisory for more information, and apply the necessary updates or workaround.

 

This product is provided subject to this Notification and this Privacy & Use policy.