'Bad Neighbor' Security Exploit Is Causing BSOD Hell, Patch Your System Now
The team at Sophos Labs explains that in “tcpip.sys, a logic error in how the driver parses ICMP messages can be triggered remotely with a crafted IPv6 router advertisement packet containing a Recursive DNS Server (RDNSS) option.” The crafted IPv6 router advertisement packet carries too much data and causes a buffer overflow, which corrupts the system memory stack. That corruption brings the whole operating system down. Once they understood how that worked, the researchers made a proof-of-concept attack seen in the video below.
If you want to defend against this, you can patch your systems and wait for updates from Microsoft. Aside from that, you can disable IPv6 in Windows if you are not using it, or disable the IPv6 ICMP RDNSS feature, which is the source of the issue. Microsoft’s CVE page has more on this exploit, including workarounds and additional information.
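For defenders who want to inspect captured router advertisements, the following added example (not code from Sophos, Microsoft or the original article) walks the options of an ICMPv6 Router Advertisement and flags RDNSS options whose length field does not conform to RFC 8106, which requires a value of at least 3 that is odd. The article does not say which malformed packets trigger the bug, so this is a protocol-conformance check only; the function names and sample packets are constructed for illustration.

```python
import struct

ND_ROUTER_ADVERT = 134   # ICMPv6 type for Router Advertisement (RFC 4861)
OPT_RDNSS = 25           # Recursive DNS Server option (RFC 8106)
RA_FIXED_LEN = 16        # ICMPv6 header (4 bytes) + RA fixed fields (12 bytes)


def check_ra_options(icmp6: bytes) -> list[str]:
    """Return findings for an ICMPv6 message (the bytes after the IPv6 header)."""
    findings = []
    if len(icmp6) < RA_FIXED_LEN or icmp6[0] != ND_ROUTER_ADVERT:
        return findings  # not a Router Advertisement, nothing to check
    off = RA_FIXED_LEN
    while off < len(icmp6):
        if len(icmp6) - off < 2:
            findings.append(f"truncated option header at offset {off}")
            break
        opt_type, opt_len = icmp6[off], icmp6[off + 1]  # length is in 8-byte units
        if opt_len == 0:
            findings.append(f"zero-length option at offset {off}")
            break  # RFC 4861: a zero-length option makes the packet invalid
        end = off + opt_len * 8
        if end > len(icmp6):
            findings.append(f"option type {opt_type} overruns packet")
            break
        if opt_type == OPT_RDNSS and (opt_len < 3 or opt_len % 2 == 0):
            # 8 bytes of option header + 16 bytes per address => 3, 5, 7, ...
            findings.append(f"RDNSS option with nonconforming length {opt_len}")
        off = end
    return findings


def build_ra(options: bytes) -> bytes:
    """Constructed sample: RA fixed part (checksum left at zero) plus raw options."""
    # type, code, checksum, hop limit, flags, router lifetime, reachable, retrans
    return struct.pack("!BBHBBHII", ND_ROUTER_ADVERT, 0, 0, 64, 0, 1800, 0, 0) + options


def rdnss(opt_len: int) -> bytes:
    """Constructed RDNSS option of opt_len * 8 bytes; address bytes are zero-filled."""
    return struct.pack("!BBHI", OPT_RDNSS, opt_len, 0, 600).ljust(opt_len * 8, b"\0")


GOOD = build_ra(rdnss(3))           # one address, conforms to RFC 8106
NONCONFORMING = build_ra(rdnss(4))  # even length, does not conform

if __name__ == "__main__":
    for name, pkt in (("GOOD", GOOD), ("NONCONFORMING", NONCONFORMING)):
        print(name, check_ra_options(pkt))
```

The same check can be applied to ICMPv6 payloads extracted from a packet capture; a finding is a reason to look at the sender, not proof of an attack.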