Windows feature to connect to IPv6 opens door for massive data hijack

Researchers found a new way to hijack Windows machines in the course of some experiments. Experts at InfoSec Institute, an information security services company, tested man-in-the-middle (MITM) attacks that exploit features present in recent versions of Windows to make it easy for computers to connect to networks using the next-generation IPv6 protocol.

According to Jack Koziol, a program manager at InfoSec Institute, the attack may also exploit features of Apple's OS X for Macs, but the proof-of-concept has not been tested on that platform.

Researchers reported that the attack takes advantage of an industry standard known as SLAAC, or Stateless Address Auto Configuration, which allows clients and hosts to find each other on IPv6 networks. When the next-generation addressing scheme is turned on, as it is by default in OS X, Windows Vista, Windows 7 and Server 2008, SLAAC can be used to create an unauthorized IPv6 network that reroutes data through hardware controlled by the attackers.

InfoSec Institute researcher Alec Waters wrote in the proof of concept that the attack requires no interaction at all from end users and provides no warning that their machines are connecting to an unauthorized IPv6 network.

The researchers say that the technique works because the vulnerable operating systems automatically prefer to use the newer protocol over the older one. The only way to prevent the attack for now is to disable IPv6 on all machines that don't use the protocol.
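
SLAAC is driven by ICMPv6 Router Advertisements (RFC 4861), so on a network that does not use IPv6 any advertisement is a sign of the unauthorized network described above. The following detection sketch is an added example, not code from InfoSec Institute; the function names, the allowlist parameter and the sample addresses are constructed for illustration, and it assumes a capture tool hands over the ICMPv6 payload and source address.

```python
import ipaddress
import struct

RA_TYPE = 134            # ICMPv6 Router Advertisement (RFC 4861)
OPT_PREFIX_INFO = 3      # Prefix Information option
FLAG_AUTONOMOUS = 0x40   # "A" flag: hosts may form a SLAAC address from the prefix

def parse_ra(icmp6: bytes):
    """Return the SLAAC prefixes in an ICMPv6 RA, or None if it is not a well-formed RA.
    The ICMPv6 checksum is not verified here."""
    if len(icmp6) < 16 or icmp6[0] != RA_TYPE or icmp6[1] != 0:
        return None
    prefixes, off = [], 16   # options follow the 16-byte fixed RA header
    while off + 2 <= len(icmp6):
        opt_type, opt_len = icmp6[off], icmp6[off + 1] * 8   # length counts 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp6):
            return None      # zero-length or truncated option: treat as malformed
        if opt_type == OPT_PREFIX_INFO and opt_len == 32:
            plen, flags = icmp6[off + 2], icmp6[off + 3]
            if flags & FLAG_AUTONOMOUS and plen <= 128:
                addr = ipaddress.IPv6Address(icmp6[off + 16:off + 32])
                prefixes.append(ipaddress.IPv6Network((addr, plen), strict=False))
        off += opt_len
    return prefixes

def check_ra(src: str, icmp6: bytes, authorized_routers=()):
    """Return an alert string for an RA whose source is not allowlisted, else None."""
    prefixes = parse_ra(icmp6)
    allowed = {ipaddress.IPv6Address(a) for a in authorized_routers}
    if prefixes is None or ipaddress.IPv6Address(src) in allowed:
        return None
    shown = ", ".join(str(p) for p in prefixes) or "no SLAAC prefix"
    return f"unexpected RA from {src}: {shown}"

def build_sample_ra(prefix: str, plen: int = 64) -> bytes:
    """Constructed test input: an RA with one Prefix Information option (L and A set)."""
    header = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0, 1800, 0, 0)
    option = struct.pack("!BBBBIII", OPT_PREFIX_INFO, 4, plen, 0xC0, 86400, 14400, 0)
    return header + option + ipaddress.IPv6Address(prefix).packed

if __name__ == "__main__":
    sample = build_sample_ra("2001:db8:bad::")      # documentation prefix, constructed
    print(check_ra("fe80::1", sample))              # IPv4-only LAN: empty allowlist
    print(check_ra("fe80::1", sample, {"fe80::1"})) # same RA from an allowlisted router
```

With an empty allowlist every well-formed advertisement raises an alert, which matches a network where IPv6 is not meant to be in use.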