At last week's Rocky Mountain IPv6 Summit in Denver, Ed Horley began his talk about IPv6 in Windows networks by warning attendees about a dangerous DoS vulnerability that Microsoft has so far shown no interest in fixing. I had a longer conversation about it with Horley. He pointed me to the YouTube video below that shows the hole in action.
I've documented much more information about the hole and how users and security expert have been asking and asking Microsoft to fix it in this related story:
In the meantime, anyone on a LAN with a Windows machine that has IPv6 running (turned on by default in Microsoft's most recent versions) is at risk. The hole has been publicly disclosed, too.
This video was produced by Sam Bowne, a computer networking instructor at City College San Francisco who has also been pressuring Microsoft to fix the hole.
If you are interesting in learning more, here are links to some of the resources that discuss the RA vulnerability.
Julie Bort is the editor of Microsoft Subnet and Network World's Online Community Editor. She also writes the Open Source Subnet blog and is the editor responsible for the Cisco Subnet and Open Source Subnet web sites. If you have an idea for a blog, or a news tip on Microsoft, Cisco or Open Source technologies, contact her at firstname.lastname@example.org, 970-482-6454 or follow Julie on Twitter @Julie188.
The Microsoft Subnet blog is the official blog of the Network World's Microsoft Subnet community. Microsoft Subnet is the independent voice of Microsoft customers and is your gateway to daily Microsoft news, blogs, opinion, books, prize giveaways and more. Visit the Microsoft Subnet index page daily, and while you are there, subscribe to the Microsoft newsletter.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited