Windows TCP/IP RCE and DoS Vulnerabilities [CVE-2021-24074 & CVE-2021-24086 & CVE-2021-24094]

CVE numbers – CVE-2021-24074 & CVE-2021-24086 & CVE-2021-24094

Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important Denial of Service (DoS) vulnerability (CVE-2021-24086).

The two RCE vulnerabilities are complex which make it difficult to create functional exploits, so they are not likely in the short term. We believe attackers will be able to create DoS exploits much more quickly and expect all three issues might be exploited with a DoS attack shortly after release. Thus, we recommend customers move quickly to apply Windows security updates this month. 

The DoS exploits for these CVEs would allow a remote attacker to cause a stop error. Customers might receive a blue screen on any Windows system that is directly exposed to the internet with minimal network traffic.  

It is important that affected systems are patched as quickly as possible because of the elevated risk associated with these vulnerabilities, and downloads for these can be found in the Microsoft Security Update Guide.  Customers who have automatic updates enabled are automatically protected from these vulnerabilities.