Oracle forms application running as a Java applet in IE is always fun thing to work with..... And the 2nd best thing is having like 2 page manual on intranet how to hack it to work....
Usually you set this up to only open up certain pages in IE mode and not all pages which makes it much harder to exploit. At least according to my experience
If configured correctly then Edge will not use IE mode except for specific sites that are put in to a list of sites that require IE mode, such as an intranet site. If not using a centrally managed enterprise list of sites for Edge in IE mode then sites in the browser managed list expire after 30 days. Clicking a random link is somewhat unlikely to send you to Edge in IE mode.
Yeah, an average person has no idea what goes on in their bank, Edge IE mode is pretty modern compared to the 100s of legacy mainframe systems. Also as many people already stated, no way you gonna open a wrong link in IE mode unless something is wrong on org settings level.
@@DefinetlyFamillyFriendly I work for a large enterprise in health care... we have a IE mode entries in our EMSites list. This is very common in enterprise for support of older software or internal websites.
@@DefinetlyFamillyFriendly Most EMR and EHR (if not most, it’s still a LOT of) only works on IE. Honest to god it destroys my soul every time I have to configure a Device Configuration profile in InTune for a client that opens up and enforces Edge in IE mode, adding all the providers URLs to the trusted sites list… Madness… Edit: rereading my comment, it sounds like I am trying tell you something you don’t already know. So my bad, was just a general statement
"Microsoft, this is seventh time in a row you're showing remote code exploit to the class" - Somebody once told them to do what they're good at, and they took that advice to heart. The problem for us is that they're good at being insecure.
People have no idea how much of the world runs in legacy mode. Edge IE is one of the requirements for the world to run. Large companies usually only change what makes money. We are still migrating to github at work
"Nobody uses Edge in IE mode" My career installing electronic security and servicing 10+ year old PoE cams needing ancient obscure ActiveX plugins to manage them says otherwise.
Do those actually run on the wider Internet? Because I know people use IE mode for intranet stuff, but a website designed for IE mode would fail for 95% of users.
It's funny you state that no one uses Edge and especially not Edge in IE mode - meanwhile I work for a large, well-known corporation whose handful of extremely important internal applications are incompatible with Edge and can only be run in IE mode...
Had that with infrastructure equipment like switches in really big companies. Their stuff was so ancient that you either had to download a reaaaaaaaaaaaaaaaaaaaaaaaaaaaaaallly old firefox version or use edge in ie mode
If configured correctly then Edge will not use IE mode except for specific sites that are put in to a list of sites that require IE mode, such as an intranet site. If not using a centrally managed enterprise list of sites for Edge in IE mode then sites in the browser managed list expire after 30 days. Clicking a random link is somewhat unlikely to send you to Edge in IE mode.
A major bug in the TCP/IP stack is not at all surprising, Microsoft is the same company that never bothered to fix a bug in Windows 8.1 that would cause the TCP/IP stack to break after about 30 minutes if you used a Wi-FI driver compiled against Windows 8.1.
What does compiling against mean? Compiling the driver to run on a specific version of windows? Also shouldn't there be tons of Wi-Fi drivers out there from different Wifis manufacturers?
@@mattmurphy7030 I would have thought that windows has pretty good backwards compatibility and assumed that you don't have to maintain the same driver across multiple windows versions. That must suck. So there is a single global wifi driver pre installed in windows 8.1 that works for all wifi manufacturers and had that bug you were talking about?
@@ArkenGAMESnah it's that Microsoft broke the dependencies that WiFi device manufacturers use to build the firmware blobs into installable Windows drivers so that when the driver installs regardless of the manufacturer it will break Another reason the driver should be presented at the kernel level and treated sincerely as such, rather than slapping them on willy nilly
IPv6 is disabled on my machine because it wouldn't play nicely with Outlook... So a bug in one product, saved me from a security vulnerability in another 😅
@@howelon3099 7:44 So you interpreted "Systems are not affected if IPv6 is disabled on the target machine." to mean "Systems *are* affected even if IPv6 is disabled on the target machine." or am I missing something...
@@erikb4407 Well when I read the original writeup it said even if ipv6 is disabled the packets bypass the firewall anyways and will execute the said packets/code. Maybe this is referring to something else?
@@howelon3099 If you look at the original writeup on the microsoft website for this specific CVE, it says under *Mitigations* _"Systems are not affected if IPv6 is disabled on the target machine."_
I know it isn't really relevant to to the discussion at hand, but saying IPv6 has "billions and billions of addresses" (9:48) is just a *crazy* understatement of how many addresses IPv6 has. It's IPv4 that has "billions AND billions" - about 4.3 billion, in fact - while IPv6 is more like "billions OF billions… OF BILLIONS… of addresses *for each IPv4 address*". If you assigned an entire IPv4 worth of addresses, to every human who has ever lived, once a second, it would take about 21 BILLION YEARS (or about time and a half the current age of the universe) to exhaust IPv6. That is a BIG address space!
Fun fact: Another language in the “BOL” tradition - SNOBOL4 and SNOBOL5 (Oregon) has ancient syntax but awesome feature set for text data extraction and parsing, and is very much useful today. It may have COBOL vibes but wowzers is it miles better than trying to use regexes to extract data from non-regular-language input (CrowdStrike cough cough).
@kensmith5694 there's a couple of banks near me offering damm good money for students to do COBOL, apparently saying their last few programmers are in their 60's and 70's(!), and have returned to work after retiring some years ago. They paid for eye surgery for one lol 😆
Oh yea, if you want a idea how dire their situation is, heck a cold winter could finish off their COBOL team 😬 the local Unis allow them to come it at fresher week and say to the Comp Sci students can you see yourself doing this? There's a paid 'apprenticeship' right this way if you do.... but every week that you learn more about new stuff you get further away from where we need you to be, so come now No other companies get that opportunity
Plenty of things use it in the enterprise space… “we either have to upgrade the LOB system and pay a ton of cash… or set GPO to automatically open these in IE Mode.”
Nice ! If you have time - try to reverse-engineer the faulty (bugged) DLL, will ya ? Diff-compare the old and the patched, unleash our unholy couple - Ghidra and x64dbg - on them ... and lets see whether it was a bug ... or a feature? Should be a good watch :)
@@jagdtigger perhaps my point was missed, I was hoping to point out that users often do not get a choice what router they can use, I sure don't. I have 2 ISPs in my area, and one is DSL and would go out on an hourly basis, and when it did work it had less than 1MBPS download. So, I've realistically got only one option for my ISP. They refuse to service any router which isn't theirs, and their routers are extremely locked down. I don't have an option
Interesting fact: MS at some point took the TCP/IP stack from OpenBSD because they lost knowledge of their own sourcecode. Yet they still fucked up something robust anyway. There is also a story that they asked the Samba project to help them with their SMB protocol code because they also lost the knowledge. They refused because MS wasn't willing tho share information in the past.
1:40 "no one uses Edge" I would like to point out -- for all it's flaws... *MS* does a *FANTASTIC* job with the *READ ALOUD* function it is TOP TIER ! ! !
yep, use that too, to check on my own documents. You can read across missing words, but hearing it read aloud you spot all the things the spelling checker misses.
"Crowdstrike: The 'Patch Tuesday' is not even close to 'Stranded Friday.'" - I can't say I agree with that. I would much rather have my computer crash and refuse to boot than have a malicious actor take control of it remotely, especially if they can do so without any user interaction.
I don't either. I'd rather have my data be stolen by microsoft, google, and other large companies than some unknown browser extension. I don't have ANY browser extension at all. I used to have quite a few and a well-known one in them got hacked one day and I believe it stole my credentials from sites. So I had to change my credentials and reset my computer. Chrome extensions can't really be trusted. The Chrome web store, most obviously, doesn't work like the google play store. Nothing is reviewed on there and there are no constraints over what the extension can access, obviously because most extensions need to access site data such as dark mode readers, and ad blockers, for example.
correction (5:10): the OSI model is a reference model and not actually used in practice. the TCP/IP model is used in practice, though OSI is taught as it's a good entry point into networking.
LLL: "No one uses Edge in IE mode." The comments section: "You just activated my trap card!" Large companies: "Guess I'll die" Banks: "First time?" Me: *grab popcorn*
@@trail.blazer I doubted that would be true and that it would probably just emulate IE like changing the user agent header and a bunch of other compatibility settings but you're actually right it ships with the "Trident MSHTML" browser engine that was first released in 1997, and apparently that means a bunch of new web standards totally wont work. Microsoft is wack. I do not envy anyone who has to maintain software made for IE mode, must be a pain in the ass.
@@BlueBetaPro Is it really Microsoft that is wack? The reason Microsoft is providing it is that there are ancient pieces of software only compatible with it. So it’s the enterprises using such software that are ‘wack’, if anything.
@@abcdqwerty3562 I know it's not wack to provide the backwards compatibility in the first place but it's the way that they went about it from a technical perspective that sounds wack. From a web development perspective it's really incompatible with modern standards despite being in a modern browser, and from a software development perspective it's lazy to include something that I assume is quite a large binary/library into the application just to provide a little bit of backwards compatibility.
The number of users is inflated as Microsoft force edge to launch by overriding default settings Plus Windows 11 silently uses edge to run user-implied search requests
Correction regarding the IPv6 reach-ability topic. The true protection we get from NAT is the statefulness capability that it forced on dinky home routers. that same statefulness also protects IPv6 hosts, regardless of whether they have an internet routeable address or not. If the connection didnt initiate from my host, it doesnt matter that you can guess my IP. if it _did_ initiate from my host NAT won't protect me from those dodgy packets. This particular vuln would be most effective in places where a host is not behind a firewall or where the malicious actor is already behind the firewall. roaming wifi, some cellular networks, weak govt agency networks, that sort of thing
in other words: how would these "carefully crafted" malicious ipv6 packets even reach my pc if adsl modem/router has all ports closed? and pc has firewall. in that case i have to click something, somewhere...which is same as openiong suspicious mail attachments.... so....not really 9.8 of 10 vulnerability with all those factors. and...well....i'm not on ipv6 anyway.....i hear half the germans are....hehe.....
@@ivok9846 IMO it's still a 9.8. I don't think CVEs should assume anything about local networks when assessing risks. But for the rest of us, its an important reminder that stateful firewalls are useful, IPv6 does not equal direct internet access and maybe stay away from MS Windows.
"Systems are not affected if IPv6 is disabled on the target machine." Oh, so basically every Windows machine I've had to touch is already unaffected. IPv6 is one of the first things I disable on any machine and I have never needed it in local network environment.
Except unless your Grandma is somehow still managing to use XP or Win7, she IS PATCHING, whether she bloody likes it or not, pretty much every time she turns on her computer.
@@SreenikethanI i mean how is someone just using whatever came with their pc patching, the os stopped getting patches, i dont imagine them manually going through the kb catalogue, just disabling update notifications
@@burtburtist Because Windows automatically updates (and forces restarts), and you cannot override this without knowing a decent bit about computers. The only way a Windows 10+ computer wouldn't be updating is if it isn't online. But then it isn't vulnerable.
@@ZipplyZane thanks for the actual answer, i didnt consider it working as intended i guess, the windows 7 failing to update bug seems pretty common, and im pretty sure 7 was no longer getting updates anyway, forgot if the update to 8 then 10 or whatever was truly automatic but its been a hot minute since ive run 7 myself.
I used to work for a company that was using IBM's SAP HR platform which required all the computers to be versions of windows that still supported full IE (so it was Windows 7 across the board), not to mention it had an antique Java backend
@@originzz one of their access paths likely Waa discovered. Let's not forget that your: CPU Gpu Bios Cables TV Phone Entire life is backdoored. There is no privacy, soon we will see covid & 1940s esque neighbours snitching on neighbours and anyone they can in order to win favour with big brother. Dangerous times ahead
Doing a ping-sweep on IPv6 is a little like the SETI mission statement. There's gotta be somebody out there somewhere.... right? I guess bounds-checking code in the IPv6 stack is down there on the priority list, when having malformed packets hurled randomly at your machine from the ether would be an event so novel that it might inspire the plot of a science fiction movie.
So, in other words, to take control of a Windows system which has IPv6 enabled, an attacker simply needs to know the IPv6 address of a target machine and send a specially-formed packet (or series of packets) to it. The saddest part of this is not that this vulnerability exists, but rather that it's not surprising. Microsoft (and all other companies) needs to either fire all of its programmers for negligence or stop releasing software until they patch all of the existing security vulnerabilities and audit the software to find all vulnerabilities that are currently unknown (and fix them, too). It's infuriating that virtually nobody who writes software thinks of security as a priority. Security should be the top priority, far ahead of performance and "how quickly can we get this product released".
Hey, Low level learning, just wanted to inform you that, on your academy website, the original price in the price discount for lifetime access is incorrect (or at least, it states that the normal price is 197 and the new price is 319, which would certainly push me to wait till September 2nd ;p)
Plenty of people use Edge. And even those who don't, still have times where they use edge, because windows continues defaulting links into Edge regardless of your chosen browser. And as others have said, there are many corporates that still rely on legacy IE mode for Edge. Saying "noone uses Y" is weird in a world where Southwest Airlines was able to escape the Crowdstrike issue solely because their systems are all Windows 3.1 or 95 and where banks are still running Fortran-based systems.
So...everyone's home computers in the U.S. are safe. That's because the major U.S. ISPs (Comcast, Cox, CenturyLink, Spectrum, etc.) have been dragging their feet on IPv6 deployments since forever and have zero incentive to do a full nationwide rollout. The only truly affected entities in the U.S. are Windows servers in the cloud that got assigned both IPv4 and IPv6 addresses, which amounts to two classes of affected users: "Large enterprises paying ridiculous sums of money to host their stuff on Azure" and the government. Everyone else is largely unaffected.
As an IPv6 stan this saddens me! Knee jerk reaction will be to turn off IPv6 and never turn it back on. IPv6 does have a private address range. Hopefully router manufacturer default will be to use these addresses and not a public addresses for your LAN Link-Local addresses are a god send when a remote device gets replaced with a spare and you get the call that it's not working.
No, please. Do not use IPv6 private ranges. They are there for a legacy reason. Your router should use DHCP-PD to ask for a range from your ISP. Then your router will announce that range via SLAAC to the internal networks. IPv6 is designed to not need DHCP server. The concept of public v private is a characteristic of your firewall. Your internal networking being publicly routeable doesn't mean they are publicly accessible.
@@Lue30499 I will never, ever understand this ridiculous notion. "Let's not have private addresses anymore! YAY! Everyone is directly on the Internet!" and it's equally daft companion ... "NAT is not security!" Except _it literally is._ If you're not reachable directly via the Internet, you are not vulnerable to exploits that attack you ... directly ... from the Internet. The route just does not exist. "So use a firewall that blocks incoming traffic." And that's fine. _If you do it._ With IPv4, and the near-ubiquitous usage of NAT imposed by the IP shortage, there was basically no choice. Everyone was behind a one-way filter by a matter of course. With IPv6 ... eh. It's optional. The problem with that, of course, is that.... _it's optional_ ... and therefore, it _will_ be turned off. (Or just never turned on.) More to the point, you won't necessarily know, because it works either way. IPv6 has gazillions of IPs. There's no need to conserve. But that doesn't mean NAT isn't still a really good *layer* to have in the security stack. Removing it from conventional network design was the dumbest freakin thing about IPv6. And there are a lot of dumb things about IPv6.
@@Lue30499what meaningful difference does being publicly routable make if it doesn't allow packets the user may not have expected or prepared for to reach the device?
I thicked ever insecurity box: - A stupidly large number of open ports. - Having SMB (v1) enabled all the time. - Turning off antivirus always. - Questionable custom Firewall rules. Turns out randomly choosing to disable IPv6 would actually save my ass.
So many comments about Edge & IE when there's a CVSS 9.8 RCE in TCP/IP. Corporate machines will get patched pretty quick, the concern will be those "unpatchable" devices, since we need to assume this bug has existed in the codebase of older OS, IPv6 is fully routabble, edge security may not be blocking the affected traffic, and patch reversing is a whole thing for motivated attackers & curious minds.
The problem is that hackers use these patches to see what Microsoft is patching and then reverse engineer and/or start investigating the code that is being patched and discover how to use the exploit. I give it a few days before the IPv6 TCP/IP stack *is* being used to exploit systems in the wild. Patch or disable IPv6 on your NIC interfaces NOW!
@@Tenetri it is, also take a look at the android security bulletin, yeah, it's udp in general, buuuuut, probably easier to exploit with ipv6, there was an unauthenticated, remote code execution in Android's network stack, too
1:40 I can't speak for everyone, but there are some systems I have worked with that still require the compatibility mode for their web app to function, and this is in Health Care, although it may not be many, the impact that could have on patient privacy needs to be taken into consideration
Love your channel, I am fairly technical due to my career and interests in computers and so I enjoy how you recap stuff, explain stuff but also don’t go so far as sucking eggs. Subscribed!
Unless I'm mistaken, a webserver can force edge into IE compatibility mode with http headers. So if a user goes to such a site while using Edge and clicks a malicious link, bad things can happen.
well a quick google says you get roughly 2.5 pow(21) IP addresses per grain of sand in sahara, still way way to big to visualize. given that 7506320 grains of sand per sqf, and average depth of sand is 200feet. Some large numbers like this, what is understandable is that we no longer need NAT :D
Many companies use Edge on their managed operating environments (MOE) for Windows Clients and indeed Servers, and in fact we actively have been removing Chrome due to all of the security vulnerabilities that is was getting compared to Edge (issues not related to the common Chromium compoent). When you have to do regular patching cycles and off-cycle urgent securty patching for many different software tools (Microsoft, Google, Adobe etc), it makes sense to consolidate the number of update points if you can, without impacting the users' ability to work effectively. It's more efficient and easier to maintain. No real need for Chrome in a Microsoft Azure environment, for example, unless you have some wierd software that is somehow dependent on Chrome (highly unlikely situation since Edge move to Chromium though). I am not saying that that Edge is better than Chrome al the time, but it is better in those type of corporate situations. Obviously IE Mode is just asking for trouble, but this can be locked down using group policy.
This reminds me if the issue back in the day, with Windows XP SP1 called "Raw Sockets". This was a vulnerability that allowed attacker to attack a system remotely, outside of the standard TCP/IP protocol and allowed attackers to be able to manipulate both the Transport and IP Layers. It was kind of a big deal back then and a major reason why, Microsoft implemented a firewall in Windows XP SP2.
Can you explain the new AMD CPU buck in detail. It sounds super complicated, but it also sound like you are in trouble anyway on a machine if you can be effected by this buck. But a vulnerability that stays on your pc even after you reinstall your OS just sounds bad 🙁. But I think it could be interesting to take a closer look.
Man ngl I think I got hit by one of those, and I still have the motherboard (an amd b450) but have not quite been able to figure out how to diagnose the thing without infecting more USB drives with whatever was on it. So as far as I got, was basically that it has the capability to propagate via USB drives without any user interaction (just by plugging it into the powered on motherboard). Drives used in my testing/troubleshooting/analysis lost all ability to be reformatted too. Idk if that's from the same exploit or vuln you mentioned but it sounds like what I had happen.
@@apIthletIcc The USB issue is something else and I don't know how to test if you have this issue. The AMD CPU one that I am talking about, I think they call that Sinkclose vulnerability. 🤷♂But they are similar, just for CPU's.
Same here. I use a tunnel from Hurricane Electric, which works great except that Google makes you use a captcha because it's flagged HE's entire network. You can get a /48 and several /64s for free.
If you want to pick up a necessary skill (that should be in first semester but wasn't truly mentioned at my uni except in electronics engineering): "Practical UML Statecharts in C/C++ - Event-Driven Programming for Embedded System". Nothing complex or trendy, just a great book explaining the skills one should have. Pricey though, it's that luxury CRC company (and suddenly you understand why Godot is doing what it does in the way it does it)
one thing that really gets me. Why is consumer, programer, and buisness service windows the same windows? Seems like Microsoft is inviting problems. Its one thing to have cross compatability, its another to try and make the same product for all of them
I'm going to guess that after the RCE vulnerability for WiFi that happened a few weeks back and sent everyone scrambling to update, someone at Microsoft decided to take a closer look at their TCP/IP stack to see if there were any other RCE vulnerabilities that they had also overlooked. Is _anyone_ surprised that they found one? Anyone? No? Okay.
"No one uses Edge." Well, that's not true. They based it on Chromium and a lot of people no longer have any resistance to the MS pressure to use it, so use of Edge is increasing. "No one uses Edge in IE mode." Oh, bless your heart. You've never worked in the DoD. I'm sure you'll feel really safe learning that a LOT of DoD systems are outdated and can only be accessed using IE or Edge in IE mode.
Good thing that one of the first things I do on a new machine is to disable IPv6 for the crapton of QoS issues it causes for me. (Ignoring that I don't use Windows for anything important.)
Is it me or remote escalation bugs in pieces of software that should be decades old (and therefore bug free) are getting more and more common? What exactly *is* patch Tuesday these days? Adding two bugs for every one you fix?
While yes, the most that are watching this already know about IPAdresses, but i basically just Forward this to my family so they Update their PC so i appreciate explaining this a bit more on a surface level.
I feel like I should have anticipated that leaving IPv6 enabled, because it's enabled by default, would be a security vulnerability. Was this really just discovered, or just the cover blown. Systems should be hardened out-of-the-box, requiring users a enable the features that they actually need.
no way haha anyway, you should go learn to code at lowlevel.academy (hehe)
way
You’ve sold out man. Letting these dodgy sponsors into the channel…
No way. Big if true
Why don't you use adblock?
An IT guy that gets ads in his browser? WTAF? 👎
"Nobody uses Edge in IE mode"
*allow me to introduce 20 year old corporate web apps*
Lemme introduce Opera 5, Oracle shittiest app that runs on IE mode.
This is 100% true
I was gonna say.
I can already smell the next big wave of ransomware. 😭
Oracle forms application running as a Java applet in IE is always fun thing to work with..... And the 2nd best thing is having like 2 page manual on intranet how to hack it to work....
A ton of people are still using Edge in IE mode, and they are all part of large companies.
So ultimately the end user is safe but isn't because a company that has their personal data is gonna get hacked.
Usually you set this up to only open up certain pages in IE mode and not all pages which makes it much harder to exploit. At least according to my experience
@@benargee And if you know nothing about computers, you are going to copy those settings at home, "because they work"
If configured correctly then Edge will not use IE mode except for specific sites that are put in to a list of sites that require IE mode, such as an intranet site. If not using a centrally managed enterprise list of sites for Edge in IE mode then sites in the browser managed list expire after 30 days. Clicking a random link is somewhat unlikely to send you to Edge in IE mode.
I'd wager a lot of people who have Crowdstrike have Edge in IE mode...
LLL: "no one uses IE mode"
Banking companies / check scanner systems: 👀
those use the original IE on Windows XP, and no, I'm not joking, just have a closer look at your local ATM, you will be surprised ...
I could not believe that a bank is still using IE mode for scanning checks for payroll ... its so odd ... I had to support this garbage
Once my mother was using an ATM here in Brazil and when she finished what she was doing the ATM showed a windows xp shutting down screen.
I was so happy when they moved from IE6 -> IE8.
Yeah, an average person has no idea what goes on in their bank, Edge IE mode is pretty modern compared to the 100s of legacy mainframe systems.
Also as many people already stated, no way you gonna open a wrong link in IE mode unless something is wrong on org settings level.
"Nobody uses Edge or Edge in IE mode" Oh.. sweet summer child...
@@DefinetlyFamillyFriendly I work for a large enterprise in health care... we have a IE mode entries in our EMSites list. This is very common in enterprise for support of older software or internal websites.
Some of the most widespread SCADA systems feature web servers that can only be accessed with IE
So many tech RUclipsrs, especially security focused RUclipsrs have this cringe ignorance, it’s a lack of real world experience I think.
@@DefinetlyFamillyFriendly Most EMR and EHR (if not most, it’s still a LOT of) only works on IE. Honest to god it destroys my soul every time I have to configure a Device Configuration profile in InTune for a client that opens up and enforces Edge in IE mode, adding all the providers URLs to the trusted sites list… Madness…
Edit: rereading my comment, it sounds like I am trying tell you something you don’t already know. So my bad, was just a general statement
My last employer only deprecated that because they HAD to, not because they wanted to. Required an entire backend change.
Microsoft, this is seventh time in a row you're showing remote code exploit to the class
"Microsoft, this is seventh time in a row you're showing remote code exploit to the class" - Somebody once told them to do what they're good at, and they took that advice to heart. The problem for us is that they're good at being insecure.
People have no idea how much of the world runs in legacy mode. Edge IE is one of the requirements for the world to run. Large companies usually only change what makes money. We are still migrating to github at work
"Nobody uses Edge in IE mode"
My career installing electronic security and servicing 10+ year old PoE cams needing ancient obscure ActiveX plugins to manage them says otherwise.
Do those actually run on the wider Internet? Because I know people use IE mode for intranet stuff, but a website designed for IE mode would fail for 95% of users.
Or silverlight…
@@SomeDudeInBaltimore ActiveX, yeah that was too many Exes ago to remember
It's funny you state that no one uses Edge and especially not Edge in IE mode - meanwhile I work for a large, well-known corporation whose handful of extremely important internal applications are incompatible with Edge and can only be run in IE mode...
Had that with infrastructure equipment like switches in really big companies. Their stuff was so ancient that you either had to download a reaaaaaaaaaaaaaaaaaaaaaaaaaaaaaallly old firefox version or use edge in ie mode
same...
The fnсk is the large well-known corporation whose handful of extremely important internal applications REQUIRE IE IN 2024. Clients need to know XD
@@zyplocs is it Delta or Cloudstrike? 😂
If configured correctly then Edge will not use IE mode except for specific sites that are put in to a list of sites that require IE mode, such as an intranet site. If not using a centrally managed enterprise list of sites for Edge in IE mode then sites in the browser managed list expire after 30 days. Clicking a random link is somewhat unlikely to send you to Edge in IE mode.
2:25 „it’s just another Tuesday for Microsoft“ xD
_For you, the day Microsoft ruined your security was the most important day of your life. But for me, it was Tuesday._
At least it ain't Friday.
A major bug in the TCP/IP stack is not at all surprising, Microsoft is the same company that never bothered to fix a bug in Windows 8.1 that would cause the TCP/IP stack to break after about 30 minutes if you used a Wi-FI driver compiled against Windows 8.1.
What does compiling against mean? Compiling the driver to run on a specific version of windows? Also shouldn't there be tons of Wi-Fi drivers out there from different Wifis manufacturers?
@@ArkenGAMESeach version of windows has its own SDKs (DDKs in the case of drivers)
@@mattmurphy7030 I would have thought that windows has pretty good backwards compatibility and assumed that you don't have to maintain the same driver across multiple windows versions. That must suck.
So there is a single global wifi driver pre installed in windows 8.1 that works for all wifi manufacturers and had that bug you were talking about?
There's also the WSAPoll bug and they didn't care until Win10 was released.
@@ArkenGAMESnah it's that Microsoft broke the dependencies that WiFi device manufacturers use to build the firmware blobs into installable Windows drivers so that when the driver installs regardless of the manufacturer it will break
Another reason the driver should be presented at the kernel level and treated sincerely as such, rather than slapping them on willy nilly
"Nobody uses Edge in IE mode"
Laughs in Corporate IT
Me who always disables IPV6 because the long weird address is annnoying 😎
mfw 127.0.0.1 instead of ::1 (the latter is longer and more annoying)
For some reason I read the title as "microsoft patches IN extreme vulnerability" and I wasn't even surprised I was just curious what it was
@@kissgergo5202 underrated comment
its their new crypto AI skibidi toilet update. it buzzwords your software and such
"Yes, master. They left an interpreter in the TCP/IP stack that can be fed instructions directly from the packet"
"Good. Good."
IPv6 is disabled on my machine because it wouldn't play nicely with Outlook... So a bug in one product, saved me from a security vulnerability in another 😅
Turning it off actually doesnt prevent the bug from working just make sure that your windows is up to date
@@howelon3099 7:44 So you interpreted "Systems are not affected if IPv6 is disabled on the target machine." to mean "Systems *are* affected even if IPv6 is disabled on the target machine." or am I missing something...
@@erikb4407 Well when I read the original writeup it said even if ipv6 is disabled the packets bypass the firewall anyways and will execute the said packets/code. Maybe this is referring to something else?
@@howelon3099 If you look at the original writeup on the microsoft website for this specific CVE, it says under *Mitigations* _"Systems are not affected if IPv6 is disabled on the target machine."_
I know it isn't really relevant to to the discussion at hand, but saying IPv6 has "billions and billions of addresses" (9:48) is just a *crazy* understatement of how many addresses IPv6 has. It's IPv4 that has "billions AND billions" - about 4.3 billion, in fact - while IPv6 is more like "billions OF billions… OF BILLIONS… of addresses *for each IPv4 address*". If you assigned an entire IPv4 worth of addresses, to every human who has ever lived, once a second, it would take about 21 BILLION YEARS (or about time and a half the current age of the universe) to exhaust IPv6. That is a BIG address space!
Fun fact: There are still some computers that are running code written in COBOL.
Be careful what you say nobody does
The IRS does.
Fun fact: Another language in the “BOL” tradition - SNOBOL4 and SNOBOL5 (Oregon) has ancient syntax but awesome feature set for text data extraction and parsing, and is very much useful today. It may have COBOL vibes but wowzers is it miles better than trying to use regexes to extract data from non-regular-language input (CrowdStrike cough cough).
@@absurdengineering I just looked up SNOBOL. I knew of its existence but not the nature of the language.
@kensmith5694 there's a couple of banks near me offering damm good money for students to do COBOL, apparently saying their last few programmers are in their 60's and 70's(!), and have returned to work after retiring some years ago. They paid for eye surgery for one lol 😆
Oh yea, if you want a idea how dire their situation is, heck a cold winter could finish off their COBOL team 😬 the local Unis allow them to come it at fresher week and say to the Comp Sci students can you see yourself doing this? There's a paid 'apprenticeship' right this way if you do.... but every week that you learn more about new stuff you get further away from where we need you to be, so come now
No other companies get that opportunity
Heard him say "noone uses edge" thats all I need to know he hasnt a clue about enterprise.
Control systems use Microsoft Edge in IE mode.
Plenty of things use it in the enterprise space… “we either have to upgrade the LOB system and pay a ton of cash… or set GPO to automatically open these in IE Mode.”
Nice ! If you have time - try to reverse-engineer the faulty (bugged) DLL, will ya ? Diff-compare the old and the patched, unleash our unholy couple - Ghidra and x64dbg - on them ... and lets see whether it was a bug ... or a feature? Should be a good watch :)
2024: The year of IT crazyness - vulnerabilities, outages, everything
10:21 I respectfully disagree, every reputable brand router will have the same defualt deny rule for IPv6 as they have on IPv4 in the firewall config.
The problem is that the words "reputable" and "router" usually do not belong in the same sentence
@@kneesnap1041 Yeah sure, lets nit-pick about semantics while it is clear i simplified my point so normies can understand it......
@@jagdtigger perhaps my point was missed, I was hoping to point out that users often do not get a choice what router they can use, I sure don't. I have 2 ISPs in my area, and one is DSL and would go out on an hourly basis, and when it did work it had less than 1MBPS download.
So, I've realistically got only one option for my ISP. They refuse to service any router which isn't theirs, and their routers are extremely locked down. I don't have an option
@@kneesnap1041 You can always hook up yours after the ISP junk.....
Interesting fact: MS at some point took the TCP/IP stack from OpenBSD because they lost knowledge of their own sourcecode. Yet they still fucked up something robust anyway.
There is also a story that they asked the Samba project to help them with their SMB protocol code because they also lost the knowledge. They refused because MS wasn't willing tho share information in the past.
1:40 "no one uses Edge"
I would like to point out -- for all it's flaws... *MS* does a *FANTASTIC* job with the *READ ALOUD* function it is TOP TIER ! ! !
yep, use that too, to check on my own documents. You can read across missing words, but hearing it read aloud you spot all the things the spelling checker misses.
@@Nerd3927 Hmmmmmm... I need to check this out
The Edge tab management is the best. I wish Firefox could do that.
Crowdstrike: The "Patch Tuesday" is not even close to "Stranded Friday."
"Crowdstrike: The 'Patch Tuesday' is not even close to 'Stranded Friday.'" - I can't say I agree with that. I would much rather have my computer crash and refuse to boot than have a malicious actor take control of it remotely, especially if they can do so without any user interaction.
Can't believe that there are still people who don't use an adblocker lol
especially someone who is allegedly so computer literate
@@rowbart3095it's probably on purpose to support creators or websites
@@VitisCZ Or rather, it's because Ed is actually in a Windows VM to avoid getting his real fingerprinted get identified so he can protect his privacy.
Could it be that he was running a Windows VM for privacy reasons? *_Resisting_* fingerprinting is its own way to getting fingerprinted, LOL.
I don't either. I'd rather have my data be stolen by microsoft, google, and other large companies than some unknown browser extension. I don't have ANY browser extension at all. I used to have quite a few and a well-known one in them got hacked one day and I believe it stole my credentials from sites. So I had to change my credentials and reset my computer. Chrome extensions can't really be trusted. The Chrome web store, most obviously, doesn't work like the google play store. Nothing is reviewed on there and there are no constraints over what the extension can access, obviously because most extensions need to access site data such as dark mode readers, and ad blockers, for example.
"Nobody uses Edge or Edge in IE mode" I think Ed was speaking to us, viewers.
correction (5:10): the OSI model is a reference model and not actually used in practice. the TCP/IP model is used in practice, though OSI is taught as it's a good entry point into networking.
LLL: "No one uses Edge in IE mode."
The comments section: "You just activated my trap card!"
Large companies: "Guess I'll die"
Banks: "First time?"
Me: *grab popcorn*
The figures I've seen say that Edge has 5% of the browser share. It simply isn't true that "nobody uses it".
Not just Edge, but Edge in IE mode. That means it is really running Internet Explorer with an Edge wrapper.
@@trail.blazer I doubted that would be true and that it would probably just emulate IE like changing the user agent header and a bunch of other compatibility settings but you're actually right it ships with the "Trident MSHTML" browser engine that was first released in 1997, and apparently that means a bunch of new web standards totally wont work. Microsoft is wack. I do not envy anyone who has to maintain software made for IE mode, must be a pain in the ass.
@@BlueBetaPro Is it really Microsoft that is wack? The reason Microsoft is providing it is that there are ancient pieces of software only compatible with it. So it’s the enterprises using such software that are ‘wack’, if anything.
@@abcdqwerty3562 I know it's not wack to provide the backwards compatibility in the first place but it's the way that they went about it from a technical perspective that sounds wack. From a web development perspective it's really incompatible with modern standards despite being in a modern browser, and from a software development perspective it's lazy to include something that I assume is quite a large binary/library into the application just to provide a little bit of backwards compatibility.
The number of users is inflated as Microsoft force edge to launch by overriding default settings
Plus Windows 11 silently uses edge to run user-implied search requests
Correction regarding the IPv6 reach-ability topic. The true protection we get from NAT is the statefulness capability that it forced on dinky home routers. that same statefulness also protects IPv6 hosts, regardless of whether they have an internet routeable address or not. If the connection didnt initiate from my host, it doesnt matter that you can guess my IP. if it _did_ initiate from my host NAT won't protect me from those dodgy packets.
This particular vuln would be most effective in places where a host is not behind a firewall or where the malicious actor is already behind the firewall. roaming wifi, some cellular networks, weak govt agency networks, that sort of thing
in other words: how would these "carefully crafted" malicious ipv6 packets even reach my pc if adsl modem/router has all ports closed? and pc has firewall.
in that case i have to click something, somewhere...which is same as openiong suspicious mail attachments....
so....not really 9.8 of 10 vulnerability with all those factors.
and...well....i'm not on ipv6 anyway.....i hear half the germans are....hehe.....
@@ivok9846 IMO it's still a 9.8. I don't think CVEs should assume anything about local networks when assessing risks. But for the rest of us, its an important reminder that stateful firewalls are useful, IPv6 does not equal direct internet access and maybe stay away from MS Windows.
That assumes the dinky router in question even bothers to run a firewall on IPv6.
@@BrendonGreenNZL are you on ipv6?
NAT can be punched through if you spoof the packet so that it matches one of the opened connections, both for ipv4 and 6.
"Systems are not affected if IPv6 is disabled on the target machine."
Oh, so basically every Windows machine I've had to touch is already unaffected. IPv6 is one of the first things I disable on any machine and I have never needed it in local network environment.
Except unless your Grandma is somehow still managing to use XP or Win7, she IS PATCHING, whether she bloody likes it or not, pretty much every time she turns on her computer.
@@AttilaAsztalos ?
@@burtburtist watch from 3:54 onwards
@@SreenikethanI i mean how is someone just using whatever came with their pc patching, the os stopped getting patches, i dont imagine them manually going through the kb catalogue, just disabling update notifications
@@burtburtist Because Windows automatically updates (and forces restarts), and you cannot override this without knowing a decent bit about computers.
The only way a Windows 10+ computer wouldn't be updating is if it isn't online. But then it isn't vulnerable.
@@ZipplyZane thanks for the actual answer, i didnt consider it working as intended i guess, the windows 7 failing to update bug seems pretty common, and im pretty sure 7 was no longer getting updates anyway, forgot if the update to 8 then 10 or whatever was truly automatic but its been a hot minute since ive run 7 myself.
I used to work for a company that was using IBM's SAP HR platform which required all the computers to be versions of windows that still supported full IE (so it was Windows 7 across the board), not to mention it had an antique Java backend
Unrelated but, adblockers are your best friends
Somebody found the cia's backdoor & thry had to cover their asses
If it were that easy they wouldn't be the CIA
@@originzz one of their access paths likely Waa discovered.
Let's not forget that your:
CPU
Gpu
Bios
Cables
TV
Phone
Entire life is backdoored. There is no privacy, soon we will see covid & 1940s esque neighbours snitching on neighbours and anyone they can in order to win favour with big brother.
Dangerous times ahead
I always have ipv6 disabled by default. There's a lot of privacy and security concerns about being directly out with an unique address.
firewalls exists for that. and NAT for IPv4 is a hack and was never meant for security.
@@RoddyDev It was not, but it's a by product of the workaround.
IPv6 also has an implementation of private-enhanced addresses; whereby your OS can use unique, randomly generated addresses for different sessions.
Well shows how little IPv6 is used even after 25 Years😜
Any day now!
2025 will be the year of IPv6!!!
NAT cancel IPv6
Doing a ping-sweep on IPv6 is a little like the SETI mission statement. There's gotta be somebody out there somewhere.... right?
I guess bounds-checking code in the IPv6 stack is down there on the priority list, when having malformed packets hurled randomly at your machine from the ether would be an event so novel that it might inspire the plot of a science fiction movie.
@@clashcon11 "NAT cancel IPv6" This. The problem it was designed to solve no longer exists.
So, in other words, to take control of a Windows system which has IPv6 enabled, an attacker simply needs to know the IPv6 address of a target machine and send a specially-formed packet (or series of packets) to it. The saddest part of this is not that this vulnerability exists, but rather that it's not surprising. Microsoft (and all other companies) needs to either fire all of its programmers for negligence or stop releasing software until they patch all of the existing security vulnerabilities and audit the software to find all vulnerabilities that are currently unknown (and fix them, too). It's infuriating that virtually nobody who writes software thinks of security as a priority. Security should be the top priority, far ahead of performance and "how quickly can we get this product released".
Hello, I'm just here to flex on most people here and say that I'm using Linux even though no one asked me.
Arch Linux user confirmed.
Plot twist they actually use windows 11 jk
I use Arch, btw.
Does using a Mac count? Nobody asked me either. I'll go back to my over paid walled garden... Sorry.
Surely linux have 0 vulnerabilities
Hey, Low level learning, just wanted to inform you that, on your academy website, the original price in the price discount for lifetime access is incorrect (or at least, it states that the normal price is 197 and the new price is 319, which would certainly push me to wait till September 2nd ;p)
Ugh thank you
Plenty of people use Edge. And even those who don't, still have times where they use edge, because windows continues defaulting links into Edge regardless of your chosen browser. And as others have said, there are many corporates that still rely on legacy IE mode for Edge. Saying "noone uses Y" is weird in a world where Southwest Airlines was able to escape the Crowdstrike issue solely because their systems are all Windows 3.1 or 95 and where banks are still running Fortran-based systems.
So...everyone's home computers in the U.S. are safe. That's because the major U.S. ISPs (Comcast, Cox, CenturyLink, Spectrum, etc.) have been dragging their feet on IPv6 deployments since forever and have zero incentive to do a full nationwide rollout. The only truly affected entities in the U.S. are Windows servers in the cloud that got assigned both IPv4 and IPv6 addresses, which amounts to two classes of affected users: "Large enterprises paying ridiculous sums of money to host their stuff on Azure" and the government. Everyone else is largely unaffected.
When he stated that the extreme vulnerability is related to ipv6 i laughed as i always disablr that on every machine i get :)
As an IPv6 stan this saddens me! Knee jerk reaction will be to turn off IPv6 and never turn it back on.
IPv6 does have a private address range. Hopefully router manufacturer default will be to use these addresses and not a public addresses for your LAN
Link-Local addresses are a god send when a remote device gets replaced with a spare and you get the call that it's not working.
No, please. Do not use IPv6 private ranges. They are there for a legacy reason. Your router should use DHCP-PD to ask for a range from your ISP. Then your router will announce that range via SLAAC to the internal networks. IPv6 is designed to not need DHCP server.
The concept of public v private is a characteristic of your firewall. Your internal networking being publicly routeable doesn't mean they are publicly accessible.
@@Lue30499 I will never, ever understand this ridiculous notion.
"Let's not have private addresses anymore! YAY! Everyone is directly on the Internet!" and it's equally daft companion ... "NAT is not security!"
Except _it literally is._ If you're not reachable directly via the Internet, you are not vulnerable to exploits that attack you ... directly ... from the Internet. The route just does not exist.
"So use a firewall that blocks incoming traffic."
And that's fine. _If you do it._ With IPv4, and the near-ubiquitous usage of NAT imposed by the IP shortage, there was basically no choice. Everyone was behind a one-way filter by a matter of course. With IPv6 ... eh. It's optional. The problem with that, of course, is that.... _it's optional_ ... and therefore, it _will_ be turned off. (Or just never turned on.) More to the point, you won't necessarily know, because it works either way.
IPv6 has gazillions of IPs. There's no need to conserve. But that doesn't mean NAT isn't still a really good *layer* to have in the security stack. Removing it from conventional network design was the dumbest freakin thing about IPv6. And there are a lot of dumb things about IPv6.
How can you be an "IPv6 stan" and advocate for IPV6 NAT?
@@Lue30499what meaningful difference does being publicly routable make if it doesn't allow packets the user may not have expected or prepared for to reach the device?
@@lassipulkkinen273 I'd take everything said by someone who's username contains "troll" with a grain of salt.
Microsoft having severe RCE vulnerabilities ? And the sky is blue
I thicked ever insecurity box:
- A stupidly large number of open ports.
- Having SMB (v1) enabled all the time.
- Turning off antivirus always.
- Questionable custom Firewall rules.
Turns out randomly choosing to disable IPv6 would actually save my ass.
So many comments about Edge & IE when there's a CVSS 9.8 RCE in TCP/IP.
Corporate machines will get patched pretty quick, the concern will be those "unpatchable" devices, since we need to assume this bug has existed in the codebase of older OS, IPv6 is fully routabble, edge security may not be blocking the affected traffic, and patch reversing is a whole thing for motivated attackers & curious minds.
Edge is Also a background process windows uses to operate.
so you don't have to use there browser to lose everything.
Can we please have a break from worldwide critical IT messups 😩😩😭 I’m gonna cry
The problem is that hackers use these patches to see what Microsoft is patching and then reverse engineer and/or start investigating the code that is being patched and discover how to use the exploit. I give it a few days before the IPv6 TCP/IP stack *is* being used to exploit systems in the wild. Patch or disable IPv6 on your NIC interfaces NOW!
As a security researcher you should set a good example and use an ad blocker.
When ,"I have your ip" means something haha
pause for "7 days" saves me again
Pv6 security is more important than I thought! This bug sounds wild - gotta go patch Windows now. Keep up the great vids!
@@Tenetri it is, also take a look at the android security bulletin, yeah, it's udp in general, buuuuut, probably easier to exploit with ipv6, there was an unauthenticated, remote code execution in Android's network stack, too
plot twist: you're not on ipv6, just like most of the planet....
1:40 I can't speak for everyone, but there are some systems I have worked with that still require the compatibility mode for their web app to function, and this is in Health Care, although it may not be many, the impact that could have on patient privacy needs to be taken into consideration
Love your channel, I am fairly technical due to my career and interests in computers and so I enjoy how you recap stuff, explain stuff but also don’t go so far as sucking eggs. Subscribed!
This is a huge deal. Thank you for this. I was hoping to catch you at DEFCON but hopefully next year!
I’ve never heard IPv6 explained so succinctly.👏👏👏
Unless I'm mistaken, a webserver can force edge into IE compatibility mode with http headers. So if a user goes to such a site while using Edge and clicks a malicious link, bad things can happen.
It depends, there's a setting to disallow that.
Love your security technical reviews !!❤
I think it would also be cool if you would do this as a series about Snowdens leaks
I still use win7, I don’t get to participate in patch Tuesday anymore
Companies usually use exclusively microsoft edge….
well a quick google says you get roughly 2.5 pow(21) IP addresses per grain of sand in sahara, still way way to big to visualize.
given that 7506320 grains of sand per sqf, and average depth of sand is 200feet.
Some large numbers like this, what is understandable is that we no longer need NAT :D
"So you and i can use our PC in a safer way"
*laughs in Linux*
every single day, every day, every week there is a new zero day exploit a new data leak, bro whats happening
Many companies use Edge on their managed operating environments (MOE) for Windows Clients and indeed Servers, and in fact we actively have been removing Chrome due to all of the security vulnerabilities that is was getting compared to Edge (issues not related to the common Chromium compoent). When you have to do regular patching cycles and off-cycle urgent securty patching for many different software tools (Microsoft, Google, Adobe etc), it makes sense to consolidate the number of update points if you can, without impacting the users' ability to work effectively. It's more efficient and easier to maintain. No real need for Chrome in a Microsoft Azure environment, for example, unless you have some wierd software that is somehow dependent on Chrome (highly unlikely situation since Edge move to Chromium though). I am not saying that that Edge is better than Chrome al the time, but it is better in those type of corporate situations. Obviously IE Mode is just asking for trouble, but this can be locked down using group policy.
This reminds me if the issue back in the day, with Windows XP SP1 called "Raw Sockets". This was a vulnerability that allowed attacker to attack a system remotely, outside of the standard TCP/IP protocol and allowed attackers to be able to manipulate both the Transport and IP Layers. It was kind of a big deal back then and a major reason why, Microsoft implemented a firewall in Windows XP SP2.
Can you explain the new AMD CPU buck in detail. It sounds super complicated, but it also sound like you are in trouble anyway on a machine if you can be effected by this buck.
But a vulnerability that stays on your pc even after you reinstall your OS just sounds bad 🙁.
But I think it could be interesting to take a closer look.
Man ngl I think I got hit by one of those, and I still have the motherboard (an amd b450) but have not quite been able to figure out how to diagnose the thing without infecting more USB drives with whatever was on it. So as far as I got, was basically that it has the capability to propagate via USB drives without any user interaction (just by plugging it into the powered on motherboard). Drives used in my testing/troubleshooting/analysis lost all ability to be reformatted too. Idk if that's from the same exploit or vuln you mentioned but it sounds like what I had happen.
@@apIthletIcc The USB issue is something else and I don't know how to test if you have this issue.
The AMD CPU one that I am talking about, I think they call that Sinkclose vulnerability. 🤷♂But they are similar, just for CPU's.
My ISP does not even provide me with IPv6
Same here. I use a tunnel from Hurricane Electric, which works great except that Google makes you use a captcha because it's flagged HE's entire network.
You can get a /48 and several /64s for free.
If you want to pick up a necessary skill (that should be in first semester but wasn't truly mentioned at my uni except in electronics engineering): "Practical UML Statecharts in C/C++ - Event-Driven Programming for Embedded System". Nothing complex or trendy, just a great book explaining the skills one should have. Pricey though, it's that luxury CRC company (and suddenly you understand why Godot is doing what it does in the way it does it)
Another Windows vulnerability? I'm shocked, SHOCKED!
one thing that really gets me.
Why is consumer, programer, and buisness service windows the same windows?
Seems like Microsoft is inviting problems. Its one thing to have cross compatability, its another to try and make the same product for all of them
Windows has a major problem - it's existence.
I'm going to guess that after the RCE vulnerability for WiFi that happened a few weeks back and sent everyone scrambling to update, someone at Microsoft decided to take a closer look at their TCP/IP stack to see if there were any other RCE vulnerabilities that they had also overlooked. Is _anyone_ surprised that they found one? Anyone? No? Okay.
"No one uses Edge." Well, that's not true. They based it on Chromium and a lot of people no longer have any resistance to the MS pressure to use it, so use of Edge is increasing.
"No one uses Edge in IE mode." Oh, bless your heart. You've never worked in the DoD. I'm sure you'll feel really safe learning that a LOT of DoD systems are outdated and can only be accessed using IE or Edge in IE mode.
Getting Windows 95 NetBIOS OOB flashbacks from this
".....it’s just another Tuesday for Microsoft“ 💀
Instant subscription. Keep up your awesome work
Edge is basically mandatory for the large government agency I work for. I think usage is somewhat higher than you would expect.
Good thing that one of the first things I do on a new machine is to disable IPv6 for the crapton of QoS issues it causes for me. (Ignoring that I don't use Windows for anything important.)
"No one uses Edge in IE mode"
Anything to do with the DEA: hold my beer.
Don't Microsoft say that running with IPv6 disabled is not a supported configuration...? Because they no longer test with it disabled...
Or with it enabled, apparently.
1:38 "no one uses Edge" bro Im edging right now
Gasp! and you admit that in public
Good ol' Macroshit Wangblows. I really should switch to Lunix at some point.
"Macroshit Wangblows" Thank you. you made my day. xD
so what is the vulnerability. you just said that its ipv6 because there is no nat needed.
I'd never really thought about encapsulation as something that contextualises the encapsulated data. Huh.
I think what he meant was: "Nobody that we care about uses Edge in IE mode."
Is it me or remote escalation bugs in pieces of software that should be decades old (and therefore bug free) are getting more and more common? What exactly *is* patch Tuesday these days? Adding two bugs for every one you fix?
“No one uses edge or edge in ie mode”
*laughs in sitescope*
NAT makes my peer to peer experience terrible.
IPV6 considered harmful.
Seriously though how the hell am I first hearing of this here? Thanks for the info, I updated my machine.
IPv6 Windows Implementation considered harmful more like
IPv6 does have a private address range just as IPv4 has. So not all IPv6 is routable on the internet.
Same as a lot of other comments. Our company force defaults us to Edge every reboot, some of our apps need Edge to load. Ughhhh
While yes, the most that are watching this already know about IPAdresses, but i basically just Forward this to my family so they Update their PC so i appreciate explaining this a bit more on a surface level.
I feel like I should have anticipated that leaving IPv6 enabled, because it's enabled by default, would be a security vulnerability. Was this really just discovered, or just the cover blown. Systems should be hardened out-of-the-box, requiring users a enable the features that they actually need.
This feels like Blaster all over again......
"Nobody uses Edge in IE mode"
My ip camera's
Me waiting for the day when thumbnail says "Playing this video can hack your computer"