Microsoft fixed a security flaw that could have let hackers install malware via Wi-Fi

13 June 2024, 22:13 published

[ad_1]

This month’s Patch Tuesday fixed an important vulnerability in the Windows Wi-Fi driver which allowed threat actors to install malware via the wireless internet connectivity protocol.

The vulnerability is described as an improper input validation flaw that can result in remote code execution (RCE). It is tracked as CVE-2024-30078, and carries a severity score of 8.8. Microsoft labeled it as “important”.

The company further explained how the bug could be abused in low-complexity attacks in which hackers do not need prior access. All they need to do is be within the vulnerable device’s Wi-Fi range so that they can send a custom-tailored network packet. Nothing is required on the victim’s end, as well, making this vulnerability particularly dangerous, especially for people who like to work from public spaces such as libraries, coffee shops, airports, and similar.

Almost 50 fixes

All common versions of the Windows OS are vulnerable, including both Windows 10, Windows 11, and Windows Server 2008 and newer, but while Microsoft said there is no evidence of the bug being abused in the wild, and that the exploitation is “unlikely”, shining a spotlight like this usually draws some attention from the criminals.

Therefore, applying the latest Patch Tuesday cumulative update is always important.

Besides the improper input validation flaw, Microsoft fixed another 48 bugs in Windows and different Windows components, Office and Office components, Azure Dynamic Business Central, and Visual Studio, Tom’s Hardware reported. Among them is a “critical”-rated vulnerability in Microsoft Message Queuing that allowed threat actors to run malware with elevated privileges as unauthenticated users.

Every second Tuesday in a month, Microsoft releases a batch of updates for Windows and other products, with a major focus on security and stability. This batch is dubbed Patch Tuesday, and is arguably the most important update for Windows. Every now and then, Microsoft also releases urgent fixes for high severity vulnerabilities that are known to be exploited in the wild.

Via Tom’s Hardware

More from TechRadar Pro

[ad_2]

Source link

Joy

Cong.

Loved

Surprised

Unliked

Mad

Microsoft fixed a security flaw that could have let hackers install malware via Wi-Fi

Comment

Microsoft fixed a security flaw that could have let hackers install malware via Wi-Fi

Write a Reply Cancel

You may be interested

The Galaxy S25 could have genuinely useful AI features that trump Apple Intelligence – including these 5 tricks

I’ve been waiting years for ChatGPT’s new Tasks feature – here’s how I’m planning to use it to organize my life

Wrexham’s new stadium plans get even BIGGER after Ryan Reynolds revealed vision for 55,000-seater ground

150TB SSD modules to go mainstream in 2025, and Micron is getting a slice of that pie

Nvidia abandons the problematic 12VHPWR RTX 4080 power connector with a much longer one for the RTX 5080 FE according to leaked images

Transfer news LIVE: Saudis set to offer Mohamed Salah £65m, Marcus Rashford EXCLUSIVE, Trent Alexander-Arnold TWIST

L’Oreal’s new skin testing suite paid me such a nice compliment, I nearly stole it from the demo room

Israel, Hamas appear to agree on tentative Gaza ceasefire deal: officials – National

Thousands of WordPress websites hit in new malware attack, here’s what we know

Privacy of millions worldwide compromised as huge data location broker got hacked

Microsoft fixed a security flaw that could have let hackers install malware via Wi-Fi

Share This Post

or copy the link

Related News

Write a Reply Cancel

You may be interested