<div dir="ltr"><div class="gmail-ms-Stack gmail-css-195"><div class="gmail-ms-Stack-inner gmail-css-194"><div style="min-width:300px"><h1 class="gmail-ms-fontWeight-semibold gmail-css-196"></h1></div><div style="font-size:smaller;font-stretch:semi-condensed"></div></div></div><span class="gmail-css-200">CVE-2024-38063</span><div style="height:100%"><div style="right: 0px; top: 0px; bottom: 0px;"><div><div style=""><div><div class="gmail-ms-FocusZone gmail-css-133 gmail-ms-CommandBar gmail-root-201" role="menubar"><div role="none" class="gmail-ms-OverflowSet gmail-ms-CommandBar-primaryCommand gmail-primarySet-203"><div class="gmail-ms-OverflowSet-item gmail-item-176" role="none"></div></div></div></div></div></div></div></div><div class="gmail-ms-OverflowSet-item gmail-item-176" role="none"></div><div class="gmail-ms-OverflowSet-item gmail-item-176" role="none"></div><div class="gmail-ms-OverflowSet-item gmail-item-176" role="none"></div><span class="gmail-css-350">Security Vulnerability</span><div style="font-weight:700"><p>Lançado: 13 de ago de 2024</p></div><br><p class="gmail-css-353"><a target="_blank" href="https://www.cve.org/CVERecord?id=CVE-2024-38063" rel="noopener noreferrer" class="gmail-ms-Link gmail-root-267">CVE-2024-38063</a></p><div class="gmail-ms-Stack gmail-css-356"><p>Impacto: Execução de Código Remota</p><p>Gravidade máxima: Crítico</p></div><div style="display:flex" class="gmail-ms-Stack gmail-css-357"><label style="padding:0px" class="gmail-ms-Label gmail-root-226">Weakness:</label><div class="gmail-ms-Shimmer-container gmail-root-227"><div class="gmail-ms-Shimmer-dataWrapper gmail-dataWrapper-352"><a href="https://cwe.mitre.org/data/definitions/191.html" style="margin-bottom:1rem;margin-left:4px">CWE-191: Integer Underflow (Wrap or Wraparound)</a></div></div></div><div style="padding-top:8px"><label style="display:inline-block" class="gmail-ms-Label gmail-root-226">CVSS Source:</label> Microsoft</div><div><div class="gmail-ms-Shimmer-container gmail-root-228"><div class="gmail-ms-Shimmer-dataWrapper gmail-dataWrapper-352"><label class="gmail-ms-Label gmail-root-226">CVSS:3.1 9.8 / 8.5<div class="gmail-ms-TooltipHost gmail-root-134" role="none"></div></label></div></div></div><div class="gmail-ms-Shimmer-container gmail-root-228"><div class="gmail-ms-Shimmer-dataWrapper gmail-dataWrapper-352"><label class="gmail-ms-Label gmail-root-226"><div class="gmail-ms-TooltipHost gmail-root-134" role="none"></div></label></div></div><div><div style=""><div><div class="gmail-ms-FocusZone gmail-css-133 gmail-ms-CommandBar gmail-root-231" role="menubar"><div role="group" class="gmail-ms-OverflowSet gmail-ms-CommandBar-primaryCommand gmail-primarySet-203"></div><div role="group" class="gmail-ms-OverflowSet gmail-ms-CommandBar-secondaryCommand gmail-secondarySet-185"><div class="gmail-ms-OverflowSet-item gmail-item-176" role="none"></div></div></div></div></div></div><div class="gmail-ms-OverflowSet-item gmail-item-176" role="none"></div><div class="gmail-ms-DetailsList gmail-ms-DetailsList--Compact gmail-is-horizontalConstrained gmail-root-236"><div role="grid" aria-label="CVSS Scores"><div role="presentation" class="gmail-ms-DetailsList-headerWrapper"></div></div></div><div class="gmail-ms-SelectionZone" role="presentation"><div role="presentation" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-GroupedList gmail-ms-GroupedList--Compact gmail-root-358 gmail-focusZone-237"><div class="gmail-ms-List" role="presentation"><div role="presentation" class="gmail-ms-List-surface"><div class="gmail-ms-List-page" role="presentation"><div role="presentation" class="gmail-ms-List-cell"><div class="gmail-ms-GroupedList-group gmail-group-359" role="presentation"></div></div></div></div></div></div></div><div class="gmail-ms-List-page" role="presentation"><div role="presentation" class="gmail-ms-List-cell"><div class="gmail-ms-GroupedList-group gmail-group-359" role="presentation"><div id="gmail-GroupedListSection336" title="CVSS Scores" class="gmail-ms-List" role="rowgroup" aria-label="Métricas de pontuação de base"><div role="presentation" class="gmail-ms-List-surface"><div class="gmail-ms-List-page" role="presentation"><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-0" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Vetor de ataque</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Rede</div></div></div></div><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-1" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Complexidade do ataque</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Baixa</div></div></div></div><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-2" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Privilégios necessários</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Nenhuma</div></div></div></div><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-3" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Interação do usuário</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Nenhuma</div></div></div></div><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-4" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Escopo</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Inalterado</div></div></div></div><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-5" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Confidencialidade</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Alta</div></div></div></div><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-6" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Integridade</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Alta</div></div></div></div><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-7" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Disponibilidade</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Alta</div></div></div></div></div></div></div></div></div></div><div class="gmail-ms-List-page" role="presentation"><div role="presentation" class="gmail-ms-List-cell"><div class="gmail-ms-GroupedList-group gmail-group-359" role="presentation"></div></div></div><div class="gmail-root-193"><div class="gmail-layout-140"><div class="gmail-root-144"><div><div class="gmail-ms-Viewport" style="min-width:1px;min-height:1px"><div class="gmail-ms-DetailsList gmail-ms-DetailsList--Compact gmail-is-horizontalConstrained gmail-root-236"><div role="grid" aria-label="CVSS Scores"><div role="presentation" class="gmail-ms-DetailsList-contentWrapper"><div class="gmail-ms-SelectionZone" role="presentation"><div role="presentation" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-GroupedList gmail-ms-GroupedList--Compact gmail-root-358 gmail-focusZone-237"><div class="gmail-ms-List" role="presentation"><div role="presentation" class="gmail-ms-List-surface"><div class="gmail-ms-List-page" role="presentation"><div role="presentation" class="gmail-ms-List-cell"><div class="gmail-ms-GroupedList-group gmail-group-359" role="presentation"><div id="gmail-GroupedListSection338" title="CVSS Scores" class="gmail-ms-List" role="rowgroup" aria-label="Métricas de pontuação temporal"><div role="presentation" class="gmail-ms-List-surface"><div class="gmail-ms-List-page" role="presentation"><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-8" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Maturidade do código de exploração</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Não provado</div></div></div></div><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-9" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Nível de remediação</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Correção oficial</div></div></div></div><div role="presentation" class="gmail-ms-List-cell"><div id="gmail-row329-10" role="row" class="gmail-ms-FocusZone gmail-css-133 gmail-ms-DetailsRow gmail-root-384"><span class="gmail-ms-GroupSpacer" style="display:inline-block;width:36px" role="gridcell"></span><div class="gmail-ms-DetailsRow-fields gmail-fields-381" role="presentation"><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:362px">Confiança do relatório</div><div role="gridcell" class="gmail-ms-DetailsRow-cell gmail-cell-387 gmail-cellPadded-386" style="width:1178px">Confirmado</div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div><p>Consulte <a target="_blank" href="https://www.first.org/cvss" rel="noopener noreferrer" class="gmail-ms-Link gmail-root-267">Sistema de pontuação de vulnerabilidade comum</a> para obter mais informações sobre a definição dessas métricas.</p></div></div></div><div style="width:100%;display:flex" class="gmail-ms-DefaultCard" id="exploitability"><div class="gmail-root-268"><div class="gmail-header-270"><div class="gmail-root-272"><h2 class="gmail-root-273" id="exploitability">Exploração</h2></div></div><div class="gmail-layout-269"><div class="gmail-root-144"><p>A tabela a seguir fornece uma <a target="_blank" href="https://www.microsoft.com/msrc/exploitability-index" rel="noopener noreferrer" class="gmail-ms-Link gmail-root-267">avaliação de exploração</a> dessa vulnerabilidade no momento da publicação original.</p><dl class="gmail-css-361"><dt>Publicly disclosed</dt><dd>No</dd><dt>Exploited</dt><dd>No</dd><dt>Exploitability assessment</dt><dd>Probabilidade maior de exploração</dd></dl></div></div></div></div><div style="width:100%;display:flex" class="gmail-ms-DefaultCard" id="gmail-mitigations"><div class="gmail-root-268"><div class="gmail-header-270"><div class="gmail-root-272"><h2 class="gmail-root-273" id="gmail-mitigations">Atenuações</h2></div></div><div class="gmail-layout-269"><div class="gmail-root-144"><div><div class="gmail-css-362"><p>Mitigation
 refers to a setting, common configuration, or general best-practice, 
existing in a default state, that could reduce the severity of 
exploitation of a vulnerability. The following mitigating factors might 
be helpful in your situation:</p>
<ul><li>Systems are not affected if IPv6 is disabled on the target machine.</li></ul>
</div></div></div></div></div></div><div style="width:100%;display:flex" class="gmail-ms-DefaultCard" id="gmail-faq"><div class="gmail-root-268"><div class="gmail-header-270"><div class="gmail-root-272"><h2 class="gmail-root-273" id="gmail-faq">Perguntas frequentes</h2></div></div><div class="gmail-layout-269"><div class="gmail-root-144"><div><div class="gmail-css-362"><p><strong>How could an attacker exploit this vulnerability?</strong></p>
<p>An unauthenticated attacker could repeatedly send IPv6 packets, that 
include specially crafted packets, to a Windows machine which could 
enable remote code execution.</p>
</div></div><div><div class="gmail-css-362"><p><strong>Windows 11, version 
24H2 is not generally available yet. Why are there updates for this 
version of Windows listed in the Security Updates table?</strong></p>
<p>The new Copilot+ devices that are now publicly available come with 
Windows 11, version 24H2 installed. Customers with these devices need to
 know about any vulnerabilities that affect their machine and to install
 the updates if they are not receiving automatic updates. Note that the 
general availability date for Windows 11, version 24H2 is scheduled for 
later this year.</p><p><b><font size="4"><br></font></b></p><p><b><font size="4">Agradecimentos</font></b><br><br>    Wei in Kunlun Lab with Cyber KunLun<br><br>A Microsoft reconhece os esforços dos membros da comunidade de segurança que nos ajudam a proteger os consumidores graças à divulgação coordenada de vulnerabilidades. Consulte Agradecimentos para obter mais informações.</p>
</div></div></div></div></div></div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>===</div><div>Computer Security Incident Response Team - CSIRT</div><div>Universidade Estadual de Campinas - Unicamp</div><div>Centro de Computacao - CCUEC</div><div>GnuPG Public Key: <a href="http://www.security.unicamp.br/security.asc" target="_blank">http://www.security.unicamp.br/security.asc</a> [^]</div><div>Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830</div></div></div></div></div>