Comments on Technology and Ideas to be developed.

You have to apply a security patch or do it by hand according to the news:

https://news.sophos.com/en-us/2020/10/13/top-reason-to-apply-october-2020s-microsoft-patches-ping-of-death-redux/

On the Microsoft site according to:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898

When you are going to download given the version of windows you have, a download of more than 1 GigaByte appears !!.

Then on that same page it appears how it can be "resolved" by hand, which is by running the following command in PowerShell:

netsh int ipv6 set int * INTERFACENUMBER * rabaseddnsconfig = disable

What is missing is knowing the proper InterfaceNumber, which can be achieved by running a command console with administrator privileges.

First, to open a command console with administrative privileges go to C: \ WINDOWS \ system32 \ cmd.exe and with the right click select "Run as Administrator"

Once in the console it will appear, changing the version of Windows for yours:

Microsoft Windows [Version 10.0.17134.1130]
(c) 2018 Microsoft Corporation. All rights reserved.

To Run PowerShell give:

C: \ WINDOWS \ system32> powershell
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

To know the number of each interface, give:

PS C: \ WINDOWS \ system32> route print
================================================ ==========================
Interface List
16 ... 00 ff 8e 3a 31 af ...... TAP-ProtonVPN Windows Adapter V9
10 ... f0 03 8c 8b d7 e5 ...... Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter
17 ... f2 03 8c 8b d7 e5 ...... Microsoft Wi-Fi Direct Virtual Adapter # 2
25 ... f0 03 8c 8b d7 e5 ...... Microsoft Wi-Fi Direct Virtual Adapter # 3
5 ... 30 e1 71 27 e1 6d ...... Realtek PCIe FE Family Controller
15 ... 00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
7 ... 00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
2 ... 00 50 56 c0 00 02 ...... VMware Virtual Ethernet Adapter for VMnet2
22 ... 00 ff ba 97 62 f7 ...... TAP-Windows Adapter V9
3 ... 00 ff 07 34 a7 3d ...... TeamViewer VPN Adapter
1 ........................... Software Loopback Interface 1
================================================ ==========================

IPv4 Route Table
================================================ ==========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 35
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.1.0 255.255.255.0 On-link 192.168.1.100 291
192.168.1.100 255.255.255.255 On-link 192.168.1.100 291
192.168.1.255 255.255.255.255 On-link 192.168.1.100 291
192.168.58.0 255.255.255.0 On-link 192.168.58.1 291
192.168.58.1 255.255.255.255 On-link 192.168.58.1 291
192.168.58.255 255.255.255.255 On-link 192.168.58.1 291
192.168.245.0 255.255.255.0 On-link 192.168.245.1 291
192.168.245.1 255.255.255.255 On-link 192.168.245.1 291
192.168.245.255 255.255.255.255 On-link 192.168.245.1 291
192.168.253.0 255.255.255.0 On-link 192.168.253.1 291
192.168.253.1 255.255.255.255 On-link 192.168.253.1 291
192.168.253.255 255.255.255.255 On-link 192.168.253.1 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.245.1 291
224.0.0.0 240.0.0.0 On-link 192.168.253.1 291
224.0.0.0 240.0.0.0 On-link 192.168.58.1 291
224.0.0.0 240.0.0.0 On-link 192.168.1.100 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.245.1 291
255.255.255.255 255.255.255.255 On-link 192.168.253.1 291
255.255.255.255 255.255.255.255 On-link 192.168.58.1 291
255.255.255.255 255.255.255.255 On-link 192.168.1.100 291
================================================ ==========================
Persistent Routes:
None

IPv6 Route Table
================================================ ==========================
Active Routes:
If Metric Network Destination Gateway
1 331 :: 1/128 On-link
15 291 fe80 :: / 64 On-link
7 291 fe80 :: / 64 On-link
2 291 fe80 :: / 64 On-link
5 291 fe80 :: / 64 On-link
15 291 fe80 :: 8cd: fb4f: 4de9: 2e82 / 128 On-link
7 291 fe80 :: b17c: 3ee5: 32b9: a046 / 128 On-link
2 291 fe80 :: d0e0: 431c: 8c25: 2cc7 / 128 On-link
5 291 fe80 :: d5b9: 3050: 98a1: dcb1 / 128 On-link
1 331 ff00 :: / 8 On-link
15 291 ff00 :: / 8 On-link
7 291 ff00 :: / 8 On-link
2 291 ff00 :: / 8 On-link
5 291 ff00 :: / 8 On-link
================================================ ==========================
Persistent Routes:
None

In this case the interfaces to take into account are 5 and 10, then give:

PS C: \ WINDOWS \ system32> netsh int ipv6 set int 5 rabaseddnsconfig = disable
Ok.

PS C: \ WINDOWS \ system32> netsh int ipv6 set int 10 rabaseddnsconfig = disable
Ok.

The answer Ok implies that the problem amendment has already been applied.

To exit PowerShell give:

PS C: \ WINDOWS \ system32> exit

C: \ WINDOWS \ system32>

Or just close the command window.

And you will already have your system protected for this very old vulnerability that is now coming to light !!

Octavio Báez Hidalgo.

{jcomments on}