TLP Rating: Clear
Critical vulnerabilities in Microsoft Windows TCP/IP stack
CERT Vanuatu (CERTVU) and the Office of the Chief Information were alerted to these vulnerabilities by their international partners.
The CERTVU office would like to advise its constituents of critical vulnerabilities in the Microsoft Windows TCP/IP stack. In its February 2021 monthly security update, Microsoft addressed several vulnerabilities in the TCP/IP stack. Two critical vulnerabilities in particular could allow an attacker to gain Remote Code Execution (RCE) access on vulnerable Windows devices. The two vulnerabilities affect IPv4 and IPv6 respectively.
What it means
The Microsoft Security Response Centre (MSRC) has stated that the two RCE vulnerabilities are complex to exploit. It is likely that attackers will be able to execute Denial-of-Service (DoS) exploits more quickly, so it is critical that users, organizations and institutions apply the latest Windows security updates as soon as possible.
Which Microsoft systems are affected?
The following Windows versions are affected by these vulnerabilities:
- Windows 7
- Windows 8.1
- Windows 10
The following Windows Servers are also affected:
- Windows Server 2008
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019 Ver1909, Ver2004 and Ver20H2
Prevention
Apply the February 2021 security updates as soon as possible.
Mitigation Process
Microsoft has released a detailed workaround, but applying the updates is more important.
References
1. https://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/
2. https://www.cert.govt.nz/it-specialists/advisories/critical-vulnerabilities-in-microsoft-windows-tcpip-stack/