Complete British News World

Serious vulnerability in Windows – can be infected via Wifi

Serious vulnerability in Windows – can be infected via Wifi

“Beware of open wireless networks” is a common warning, but the usual recommendation to protect yourself with a VPN doesn't help if the connection is high enough to risk being hacked. This is exactly what can happen to Windows users who don't update their system, according to reports Tom's devices.

The June release of Microsoft's “Patch Tuesday” includes a fix for a bug in the Windows Wifi driver that made it possible to run arbitrary code on other devices on the same wireless network without authorization. The update has the designation KB5039212 It applies to builds 22621.3737 and 22631.3737 for Windows 11, but has also been released for Windows 10 and various versions of Windows Server. The bug was discovered by security researcher Kunlun Wei.

The flaw has been assigned a CVE number CVE-2024-30078 It is classified as “important”. It does not require any authentication or prior access to a target computer, and the attack occurs in the background without the victim noticing or having to trick them into doing anything.

Microsoft is not aware of any cases where this vulnerability has been exploited, and does not disclose exactly where it is located in the driver, but now that it is known, hackers are more likely to find and exploit it. KB5039212 contains 48 additional fixes for security flaws, the most serious of which is in Microsoft's message queuing service, a system for sending information between programs asynchronously.