Patch Windows ‘Bad Neighbor’ TCP/IP bug now

US Cyber Command warns Microsoft customers to immediately patch their systems against the critical and remotely exploitable CVE-2020-16898 vulnerability addressed during this month’s Patch Tuesday.

CVE-2020-16898: “Bad Neighbor”

October 2020 Security Updates

Release Date: October 13, 2020

CVE-2020-16898 mitigation

Microsoft provides a workaround for all customers who can’t immediately apply the security update that addresses this critical security bug.

Microsoft advises customers who can’t install the update to disable the ICMPv6 Recursive DNS Server (RDNSS) option using the following PowerShell command on systems running Windows 1709 and above (no reboot is needed):

netsh int ipv6 set int *INTERFACENUMBER* rabaseddnsconfig=disable

To re-enable ICMPv6 RDNSS once you have applied the security update, use this PowerShell command (no reboot needed):

netsh int ipv6 set int *INTERFACENUMBER* rabaseddnsconfig=enable

However, this is only a short-term fix that blocks known attack vectors; you can fully mitigate the vulnerability and protect vulnerable systems only by applying the security update.
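
The workaround above has to be repeated for each interface number. The following script is an added example, not part of Microsoft's advisory or the original article: it applies the same netsh command to every IPv6 interface and reports the resulting setting. It assumes an elevated PowerShell session, the built-in Get-NetIPInterface cmdlet, and English-language netsh output containing an "RA Based DNS Config" line; the -State parameter is a name chosen for this example.

```powershell
# Added example: apply or revert the RDNSS workaround on all IPv6 interfaces.
# Run elevated. -State is a hypothetical parameter name chosen for this script.
param(
    [ValidateSet('disable', 'enable')]
    [string]$State = 'disable'   # use 'enable' after the security update is installed
)

# Get-NetIPInterface supplies the interface index that netsh takes as INTERFACENUMBER.
$interfaces = Get-NetIPInterface -AddressFamily IPv6 | Sort-Object ifIndex

$results = foreach ($nic in $interfaces) {
    $idx = $nic.ifIndex

    # Same command as in the advisory, with the interface number filled in.
    $setOutput = netsh int ipv6 set int $idx "rabaseddnsconfig=$State" 2>&1
    $applied = ($LASTEXITCODE -eq 0)

    # Read the setting back. Assumption: the label below matches English-language
    # netsh output; on other locales the Reported column will show 'unknown'.
    $line = netsh int ipv6 show int $idx |
        Select-String -Pattern 'RA Based DNS Config' |
        Select-Object -First 1

    $reported = 'unknown'
    if ($line) {
        $reported = ($line.Line -split ':')[-1].Trim()
    }

    [pscustomobject]@{
        ifIndex  = $idx
        Alias    = $nic.InterfaceAlias
        Applied  = $applied
        Reported = $reported
        Message  = ($setOutput | Out-String).Trim()
    }
}

$results | Format-Table -AutoSize

# Surface any interface where the command failed so it can be handled by hand.
$failed = $results | Where-Object { -not $_.Applied }
if ($failed) {
    Write-Warning ("netsh failed on interface(s): " + ($failed.ifIndex -join ', '))
}
```

Interfaces added after the script runs (for example a new VPN or virtual adapter) are not covered, so rerun it when the interface list changes until the update is installed.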