If you have the August 13, 2024—KB5041580 update. You’re good.
😏🐧
People always talk about Arch. I wonder what people think of other oses and the people who run them lol. Like I’m a bearded Debian user (closer to the look of the Dilbert comic unix guy).
If Linux is so great, then explain why I can’t even install this latest security patch for Windows on my Tumbleweed??
Great, it worked!
But now I have ads on my desktop, tiler, and all the menues feature ‘sponsored’ content instead of my shit.
Well, not ALL Windows machines…
“Systems are not affected if IPv6 is disabled on the target machine.”
I can’t remember the last time I saw an IPv6 machine…
It’s on by default with Win10 at least.
I disable it on all machines I build. And use GP to ensure it stays disabled.
It is on by default in Windows… More likely people have routers with it disabled.
Where I work, everything is on IPv6. Both the infrastructure for the software services that we run, and our own internal corporate network.
My ISP also provides publicly routable IPv6 prefixes over DHCP. Any layman in my city with this ISP will be on IPv6 by default.
I also use IPv6 for my LAN.
Like, it’s just kind of the default in my neck of the woods…
I have two different ISPs offering gigabit fiber to the home, neither offers IPv6 at all. One of thes years I’ll tunnel an IPv6 prefix or two onto my network to actually get some real world experience with…
“Compromises all devices running … an IPv6 address.”
Oh so no one is effected. (other then network nerds, and they are not real)
IPv6 is enabled by default on windows.
EDIT Here’s how to disable it. If you can’t on your modem/router. Open the network menu from the icon in bottom right of screen > right click on the network you are connected to and click “status” > In the popup click on the “Properties” button > You’ll get another popup with the name of your network adapter in a top line/box and a secondary box with a list of things in it > Look for the entry “Internet Protocol Version 6 (TCP/IPv6)” and uncheck the box in front of it > click OK.
you can have both addresses at the same time - this site shows both if you have them: https://whatismyipaddress.com/
IPV6 is already rolled out in parts of the world. My provider has a Dual Stack lite architecture, the home connection is over IPV6, IPV4 is normally being tunneled via V6 through a provider grade NAT.
As I AM a network nerd, I pay for a dedicated IPV4 address every month, so I can reach my stuff from outside from old IPV4 only networks.
So when I plug in my router, connect a windows machine and just google stuff then all this traffic will be IPV6 without me configuring anything.
It’s so great fun having the attack surface being doubled by dual stack setups.
Why not instead use the money to pay for a domain name and use a router with a dynamic DNS daemon?
Because behind the carrier grade NAT I don’t get a routable IPV4 at all, so no inbound connections.
With the IPV4 I use I do use dyndns now, so I can resolve it from outside.
Unfortunately (or fortunately, it depends on how you see it), some providers are already on IPv6. My Italian ISP has IPv6 with CGNAT, so all its users are on IPv6 without even knowing what it is.
I updated Windows so hard Linux popped out.
To note: It shows even Windows Server 2008 as affected. Since MS is only testing against OSses they support, it is possible this has existed as a problem all the way back since IPv6 was first introduced to Windows XP.
Also, for all of you “disable IPv6 because I don’t understand it” people… unless you are running Windows 8 or older, just update Windows. IPv4 has been out of addresses for so long that CGNAT is a thing, which means connectivity problems when you’re hosting stuff, and more latency and packet drops from ISP routers getting saturated with NAT tasks. IPv6 is alive on the internet since 2011 and very much used on the internet, does not tie up routers by requiring NAT translation, and therefore just performs better. Plus, if you use your network printer’s or network device’s link-local ipv6 to connect locally, you will never have to deal with static ip address or changing ipv4 lan address pain, as link-local (non-routable on the internet) addresses don’t change unless you force it.
Also don’t use $35 routers for your internet. If your router does not support ipv6 firewalling, it is long since time to fix that with one that does.