Microsoft’s Patch Tuesday addressed a critical vulnerability, CVE-2024-38063, which allows remote code execution via crafted IPv6 packets. The flaw, discovered by Chinese researcher Xiao Wei, has a severity score of 9.8/10, enabling potential worm-like attacks on Windows systems. Wei urged users to apply patches or disable IPv6. This patch release also covers six actively exploited zero-days, including vulnerabilities in the Windows Scripting Engine, Microsoft Project, and Windows kernel. Other notable patches include a severe flaw in the Windows Reliable Multicast Transport Driver and multiple remote code execution risks in Windows Network Virtualization.