Windows

A critical vulnerability has been identified in the Windows TCP/IP Stack that allows for unauthenticated RCE. No user interaction is required, making this a zero-click vulnerability. This vulnerability affects all supported versions of Windows and Windows Servers.

This remote code vulnerability enables an unauthenticated attacker to repeatedly send IPv6 packets, that include specially crafted packets, to a Windows machine which could enable remote code execution. Microsoft has released urgent security patches and recommends to install these asap.

It has been assigned a CVSS score of 9.8. With a low complexity to exploit, can be performed unauthenticated and exploited remotely. Successful exploitation leads to SYSTEM level execution on the target endpoint.

From CVE 2024 38063

The following mitigating factors might be helpful in your situation: Systems are not affected if IPv6 is disabled on the target machine.

cross-posted from: https://lemm.ee/post/39812390

Microsoft is planning to remove the 32GB size limit for FAT32 partitions in Windows 11. While FAT supports volumes up to 2TB, Windows has had a 32GB arbitrary limit in place for nearly 30 years.

The limit is only being removed from the format command line right now, so the existing format dialog box will continue to have the FAT32 size limit unless Microsoft finally decides to update this Windows feature it has forgotten about for decades.

Announcement: Announcing Windows 11 Insider Preview Build 27686 (Canary Channel)

Loving this simulator, feels really nostalgic. I could use this as a replacement for the Pomodoro technique.