Skip Links

How to use a known IPv6 hole to fast freeze a Windows Network

Security experts want Microsoft and Juniper to patch a dangerous DoS hole. With this video, see it for yourself.

By Microsoft Subnet on Tue, 05/03/11 - 4:20pm.

At last week's Rocky Mountain IPv6 Summit in Denver, Ed Horley began his talk about IPv6 in Windows networks by warning attendees about a dangerous DoS vulnerability that Microsoft has so far shown no interest in fixing. I had a longer conversation about it with Horley. He pointed me to the YouTube video below that shows the hole in action.

I've documented much more information about the hole and how users and security expert have been asking and asking Microsoft to fix it in this related story: Microsoft, Juniper urged to patch dangerous IPv6 DoS hole. Juniper, too, has been informed it has some products that are vulnerable and it doesn't want to patch the hole either -- it wants the IETF to fix the protocol.

In the meantime, anyone on a LAN with a Windows machine that has IPv6 running (turned on by default in Microsoft's most recent versions) is at risk. The hole has been publicly disclosed, too.

This video was produced by Sam Bowne, a computer networking instructor at City College San Francisco who has also been pressuring Microsoft to fix the hole.


If you are interesting in learning more, here are links to some of the resources that discuss the RA vulnerability.

Blog Roll
Microsoft Subnet Home Page
All Microsoft Subnet bloggers
Blake Handler The Road to Know Where
Dmitry's PowerBlog
Doug Brown,DABCC
Ed Bott's Windows Expertise
Joseph Tartakoff Microsoft Blog
Long Zheng istartedsomething
Paul Thurrott's Supersite for Windows
Robert McLaws WindowsNow
Todd Bishop's Microsoft Blog