A look at CVE-2023–23415 — a Windows ICMP vulnerability + mitigations (which is not a cyber meltdown)

Yesterday Microsoft dropped a patch for a vulnerability found by @hexnomad@infosec.exchange. It’s a great vuln, in theory allowing code execution over ICMP. It also sounds really scary, as it’s a high CVSS score in Windows OS on a commonly used protocol.

Time to step in front of the vulnerability hype train