The Windows Bad Neighbor vulnerability explained — and how to protect your network

Attackers could use the Windows Bad Neighbor vulnerability to perform remote code execution or create buffer overflows. Patches and workarounds are available.


In October 2020, Microsoft patched a set of vulnerabilities that included the critical networking bugs CVE-2020-16898 and CVE-2020-16899. Known as “Bad Neighbor” or “Ping of Death Redux,” these flaws lie in how the Windows TCP/IP networking implementation handles incoming ICMPv6 packets under certain conditions.

Both CVE-2020-16898 and CVE-2020-16899 represent the Bad Neighbor vulnerability; however, the impact of CVE-2020-16898 is remote code execution, while that of CVE-2020-16899 is denial of service (DoS).

The flaw demands attention because it affects even recent Windows 10 and Server versions, which are heavily used in both enterprise and home environments. Moreover, multiple proof-of-concept (PoC) exploits for this vulnerability have sprung up on the internet.

What is Bad Neighbor?

Microsoft’s security advisory on the vulnerability is rather simplistic:
