POC details: 9d5e2f599acd59c2c1bb864c284caa5b613f68df

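Source
Related vulnerability
Title: Microsoft Windows TCP/IP component numeric error vulnerability (CVE-2024-38063)
Description: Microsoft Windows TCP/IP is the TCP/IP support service for Windows from Microsoft (USA). The Microsoft Windows TCP/IP component contains a numeric error vulnerability. An attacker can exploit this vulnerability to execute code remotely. The following products and versions are affected: Windows 10 Version 1809 for 32-bit Systems, Windows 10 Version 1809 for x64-based Systems, Windows 10 Version 1809 f
Description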
A PowerShell script to temporarily mitigate the CVE-2024-38063 vulnerability by disabling IPv6 on Windows systems. This workaround modifies the registry to reduce the risk of exploitation without needing the immediate installation of the official Microsoft KB update. Intended as a temporary fix
Introduction
# Disable IPv6 to Mitigate CVE-2024-38063 Without Installing KB Update

## Overview

This script is designed to mitigate the effects of the critical vulnerability CVE-2024-38063, a remote code execution (RCE) vulnerability in the Windows TCP/IP stack related to IPv6. By disabling IPv6 on the system, this script provides a temporary workaround to protect against potential exploitation of this vulnerability without requiring the installation of the corresponding KB (Knowledge Base) update.

### What the Script Does

1. **Creates a Registry File:** The script generates a `.reg` file that modifies the Windows registry to disable IPv6 by setting the `DisabledComponents` value under the `Tcpip6\Parameters` registry key.

2. **Checks for Directory Existence:** It checks if the directory where the `.reg` file will be saved exists. If not, the script creates the necessary directory.

3. **Applies the Registry Settings:** The script imports the generated `.reg` file into the Windows registry, effectively disabling IPv6 on the system.

4. **Cleans Up:** After the registry settings have been applied, the script deletes the `.reg` file and the directory (if it was created by the script).

5. **User Notification:** Finally, the script informs the user that the IPv6 settings have been updated and advises a system restart to ensure the changes take effect.
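
The steps above amount to writing one registry value, so the same change can be made directly, with the previous value saved for rollback once the KB update is installed. This is an added example, not the repository's `disable_ipv6.ps1`. The value `0xFF` (the setting Microsoft documents for disabling IPv6), the backup file path and the function names are assumptions, since the page does not show the script's contents.

```powershell
# Added example (not the repository's disable_ipv6.ps1). Run from an elevated session.
#Requires -RunAsAdministrator

$Key  = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters'
$Name = 'DisabledComponents'
# Assumption: 0xFF, the value Microsoft documents for disabling IPv6.
$DisableAll = 0xFF
# Hypothetical backup location for the pre-change value (used for rollback).
$Backup = Join-Path $env:ProgramData 'ipv6-mitigation-backup.txt'

function Get-Ipv6DisabledComponents {
    # Returns the current DWORD, or $null when the value is not set (Windows default).
    $p = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $p) { return $null }
    return $p.$Name
}

function Set-Ipv6Mitigation {
    $current = Get-Ipv6DisabledComponents
    if ($current -eq $DisableAll) { Write-Output 'Already set; nothing to do.'; return }
    # Record the previous state once so the change can be reverted after patching.
    if (-not (Test-Path $Backup)) {
        $(if ($null -eq $current) { 'absent' } else { $current }) | Set-Content -Path $Backup
    }
    New-ItemProperty -Path $Key -Name $Name -PropertyType DWord -Value $DisableAll -Force | Out-Null
    Write-Output 'DisabledComponents set to 0xFF. Restart required.'
}

function Undo-Ipv6Mitigation {
    if (-not (Test-Path $Backup)) { throw "No backup at $Backup; refusing to guess the old value." }
    $old = (Get-Content -Path $Backup -TotalCount 1).Trim()
    if ($old -eq 'absent') {
        Remove-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    } else {
        New-ItemProperty -Path $Key -Name $Name -PropertyType DWord -Value ([int]$old) -Force | Out-Null
    }
    Remove-Item -Path $Backup
    Write-Output 'Previous IPv6 setting restored. Restart required.'
}

function Test-Ipv6Mitigation {
    # Checks registry state only; the setting takes effect after a restart.
    return (Get-Ipv6DisabledComponents) -eq $DisableAll
}
```

Dot-source the file, call `Set-Ipv6Mitigation`, restart, and confirm with `Test-Ipv6Mitigation`; run `Undo-Ipv6Mitigation` after the official update is installed.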

### Why This Matters

**CVE-2024-38063** is a significant security threat because it allows attackers to remotely execute code on vulnerable systems using specially crafted IPv6 packets. This vulnerability is particularly dangerous due to its low complexity of exploitation and the fact that IPv6 is enabled by default on most Windows systems.

**Note:** While this script provides a temporary mitigation, it is recommended to apply the official KB update from Microsoft as soon as possible to fully protect your system against this vulnerability.

## Usage

1. **Run the Script:** Execute the script in a PowerShell window with administrative privileges.

2. **Restart the System:** After the script completes, restart your computer to apply the changes.

3. **Monitor for Official Patches:** Keep an eye on official updates from Microsoft to ensure that the vulnerability is fully patched with the KB update.

### Disclaimer

This script is intended as a temporary workaround. Disabling IPv6 may affect certain network functionalities, and it is recommended to apply the official patch from Microsoft when available.

## License

This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
File snapshot

[4.0K] /data/pocs/9d5e2f599acd59c2c1bb864c284caa5b613f68df
├── [1.2K] disable_ipv6.ps1
├── [1.0K] LICENSE
└── [2.5K] README.md

0 directories, 3 files