Critical Windows Exploit: What You Need to Know, Explained by a Windows Developer

preview_player
Показать описание

Follow me for updates!
Twitter: @davepl1968 davepl1968
Рекомендации по теме
Комментарии
Автор

I ran Dave's shirt through a compiler and it fixed my ipv6 vulnerability and made me a coffee.

jeremylindemann
Автор

I have to admit, the Crowdstrike video and the Microsoft DDOS video, and this one, are the three best videos I have used to report details to my job. Thank you so very much for doing these.

kadu
Автор

When Dave says you should look out for an exploit, I'm gonna listen.

sardonic_irony
Автор

Very interesting information. Also Dave, I have to say that you are very well spoken and a pleasure to watch and listen to. Great video as always!

martyb
Автор

Just checked my Windows Update status, thanks for the explanation and reminder. Also, that shirt is amazing.

eldibs
Автор

IPv6 = 340 Undecillion available. Great number.

TymboTalks
Автор

One very important note. Disabling IPv6 is NOT the fix. The fix is to patch you system with the updates that have been released last week.
The Windows networking stack still processes IPv6 packets. Remember that this exploit has not yet been fully disclosed so we don't have all details about it and cannot assume "fixes" by doing random actions instead of properly patching the systems!

TigTex
Автор

I'm the guy at my employer that would have to manage this. They laid me off right before this popped up.


I'm looking forward to watching the fireworks.

mawnkey
Автор

I realize most of your audience already knows this but some of us (not saying who mind you) some of us could use 1 or 2 sentences out of your 11 minute video on HOW to disable IPV6!!! Woops! Love the shirt.

Robert
Автор

Thank you for that view into autism. I have an autistic grandson. He lives pretty far away from me, so I don't interact with him often. What you wrote reminded me of some experiences we had when his father was in elementary school. One teacher actually dragged him from the classroom because he "always looks out the windows" and because he "won't ever listen to me" but he still scored well on the material she was teaching. I spent some time in a live-in therapy situation. My therapist told me that I had a high attention to detail. I told him that was because I was a computer programmer. He laughed and told me it was the other way around. That's not much in the way of ASC, but with a grandson who is autistic, it makes me wonder. His father and I have had experiences that I had never associated with autism, but now I'm not sure.

The_Troll
Автор

I was someone who used a computer once who managed to somehow get a job in IT security. I need to thank you and other experts for making these videos so I can report security vulnerabilities at my job.

Edit. don't click like to this so the comment stays hidden. Don't want my boss to see where I get my info.

GhostWriter_Music
Автор

Dave is definitely the best teacher: he has charisma and teaches with clarity and cogency.

ietrjew
Автор

I'd never considered the protection granted by the use of NAT, or rather, the loss of protection when moving to IPv6. Interesting thought.
As always, this is how we get new ideas, by THINKING together and talking reasonably. Thanks for the video!

xileets
Автор

The thing that really p**ses me off is that Microsoft has patches for Windows 10 versions 1507, 1607, and 1809 (all LTSB/C), Windows Server 2008 R2 ESA (Windows 7), and Windows Server 2008 ESA (Windows Vista). This means that basically Microsoft can patch all versions of Windows 10, Windows 7, Windows Vista, Windows Server 2008, and Windows Server 2008 R2, but they chose to only patch ESA, and for Windows 10's many different versions, they only patched the latest + LTSB/C. For Windows 7 and Server 2008 R2, people can use an ESA bypass patch, that is if they can get it to work. For anyone not using the latest version of Windows 10 or an LTSB/C version, they have no option but to completely disable IPv6.

Given the severity of the patch and that it affects every Windows version going back to at least Windows Vista, I find it inexcusable that Microsoft easily has the ability to make the patch work on all versions of these OS's, but withheld such patches, making sure to only support the latest Windows versions, ESA, and LTSB/C, the same as they would do for say an everyday mundane feature or usability patch. But this isn't that. This is something that can potentially allow any kind of malware to run on an affected system bypassing all security and spread through the Internet. In these days of ransomware and highly destructive malware, this is absolutely unacceptable behavior from Microsoft. Again, they have patches for all of these versions of Windows, and are choosing to withhold them, deliberately restricting who can patch their OS.

For people who are running a version of Windows that doesn't have a patch, it's best to just completely disable IPv6. Don't just clear the checkbox in Network Adapter settings as that isn't enough. You ***need*** to add this registry setting as well: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters, add dword DisabledComponents and set to ff, then reboot. Open a command prompt and run ipconfig /all and ensure that there is ***no*** IPv6 section.

If you need IPv6, you can use Tor, as that will give you an IPv6 address, and bypass the affected Windows components (ipconfig /all in a command prompt will show no IPv6 section).

There's also 0patch, but it doesn't have a patch for this problem, although it might in the very near future. But I believe this will only work for ESA and not for all the various versions of Windows 10 for which Micosoft is withholding patches.

Psilobite
Автор

I really enjoy these videos. The explanation and extrapolation is perfect. As well as your delivery and editing. Thank you for this.

michaelcampbell
Автор

Happy memories of reselling the TUN TCP stack as a Windows add-on 30 years

IndaloMan
Автор

I've never been happier to be on Linux. To all the Windows users out there, be careful and update! Don't let it pass you by!

KanokYT
Автор

5:30 According to Sami Laiho, disabling IPv6 is not supported by Microsoft, which means Microsoft doesn't test machines anymore that have IPv6 disabled. In fact I know it actually even will give problems in some situations where you would think you don't need it, like Exchange Servers or sometimes even domain controllers.
But thanks for the cool video :)...

Lofote
Автор

Thanks, Dave, for breaking down this critical Windows exploit in such an accessible way. It's a reminder of how important it is to stay informed and up-to-date with security patches!

Bryghtpath
Автор

"And then some..."
That is the understatement of the year.
The IPv6 address space is so large that 10^20 IP addresses can be assigned to every grain of sand on earth, i.e. a hundred quintillion address for each grain of sand.

TheEvertw