Security News > 2021 > February > Microsoft urges customers to patch critical Windows TCP/IP bugs

Microsoft has urged customers today to install security updates for three Windows TCP/IP vulnerabilities rated as critical and high severity as soon as possible.

The three TCP/IP security vulnerabilities impact computers running Windows client and server versions starting with Windows 7 and higher.

"The DoS exploits for these CVEs would allow a remote attacker to cause a stop error. Customers might receive a blue screen on any Windows system that is directly exposed to the internet with minimal network traffic," the Microsoft Security Response Center team said.

"We believe attackers will be able to create DoS exploits much more quickly and expect all three issues might be exploited with a DoS attack shortly after release. Thus, we recommend customers move quickly to apply Windows security updates this month."

While Microsoft says that it is vital to apply today's security updates on all Windows devices as soon as possible, the company also provides workarounds for those who can't immediately deploy them.

The IPv4 workaround requires hardening against the use of Source Routing, normally disallowed in Windows default state.

News URL

https://www.bleepingcomputer.com/news/security/microsoft-urges-customers-to-patch-critical-windows-tcp-ip-bugs/