Tracked as CVE-2020-16898, the issue is triggered when the TCP/IP stack doesn’t handle ICMPv6 Router Advertisement packets properly. An attacker could send specially crafted ICMPv6 Router Advertisement packets to a remote Windows machine to exploit the flaw and execute arbitrary code, Microsoft explains.
The tech company notes that Windows 10 and Windows Server are vulnerable to attacks and that there are no mitigations. However, one workaround is available.