Cybersecurity

5650 readers

189 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now (www.bleepingcomputer.com)

submitted 2 months ago by BrikoX@lemmy.zip to c/cybersecurity@sh.itjust.works

8 comments fedilink hide all child comments

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, which is enabled by default.

you are viewing a single comment's thread
view the rest of the comments

[–] Omgboom@lemmy.zip 6 points 2 months ago* (last edited 2 months ago)

The problem is that IPV6 is only half implemented at best. Do you know how many software vendors have "disable IPV6" in their documentation? Because it's a lot. I, as a sysadmin, have no control over that. I can't make these vendors implement IPV6, if they haven't done it yet they clearly aren't in a hurry to. I'm not talking about gamers, I'm talking about niche legacy software and internal proprietary programs, older networked hardware (like door systems) often don't support IPV6. I feel like IPV6 was created because we were running out of IPV4 addresses, and then the world realized we could just NAT everything and stopped caring. I was there Gandalf, I was there 3,000 years ago on 512K day, when the strength of IPV4 failed. Trust me I want nothing more than for IPV6 to work and be universally adopted, but here we are 30 years later