![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
mdlbearA tip of the hat to solarbird's post titled: "uh if you have windows and wifi this is VERY IMPORTANT" -- and it is. If you haven't updated Windows this week, DO IT NOW. This affects all currently-supported versions of Windows.
Let me present CVE-2024-30078 - Microsoft - Windows Wi-Fi Driver Remote Code Execution Vulnerability. The money quote is:
According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?
Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions.
How could an attacker exploit the vulnerability?
An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution.
It does not say whether the target machine (you) needs to be connected to the WiFi network -- because this is happening at the driver level, probably not. It affects Windows 11, Windows 10, and all versions of Windows Server back to 2008.
It also doesn't say whether earlier, unsupported versions of Windows are affected, but it's safe to assume that they probably are as well. So if you're running, say, Windows 7, there's never been a better time to upgrade to Linux.
More:
- Let's kick off our summer with a pwn-me-by-Wi-Fi bug in Microsoft
Windows | MSN
Considering it hits every supported version of Windows, it will likely draw a lot of attention from attackers and red teams alike." Patch as soon as you can. - New Wi-Fi Takeover Attack—All Windows Users Warned To Update Now | Forbes
"The vulnerability, assigned as CVE-2024-30078, does not require an attacker to have physical access to the targeted computer, although physical proximity is needed. Exploiting this vulnerability can allow an unauthenticated attacker to gain remote code execution on the impacted device. What’s perhaps most concerning, though, is that this Wi-Fi driver security flaw affects all supported versions of the Windows operating system." - Windows security hole allows attackers to install malware via Wi-Fi —
new patch plugs gaping vulnerability | Tom's Hardware
"The Wi-Fi attack bypasses all authentication protocols, does not require prior access rights, and requires no user interaction at all."