Microsoft has raised a new alert regarding Wi-Fi vulnerability in Windows. This new security threat has been rated 8.8 out of 10 in terms of severity using the Common Vulnerability Scoring System. This vulnerability, assigned as CVE-2024-30078, eliminates the need for the attacker to have physical access to the targeted computer, however, physical proximity is still needed though. An attacker can exploit this vulnerability and he/she will have remote code execution on the affected device.
According to a Forbes report, a bigger concern than that probably is that the Wi-Fi driver security flaw affects all supported versions of the Windows operating system.
No User Interaction Needed To Attack CVE-2024-30078
Microsoft has confirmed that an attacker could expect repeatable success due to the lack of special access conditions or extenuating circumstances, apart from the proximity requirement. The Windows maker has also warned that no authentication is required before exploiting this vulnerability. In addition to that, no access to settings or files on the victim’s machine is needed before carrying out the attack.
The user of the targetted device won’t have to interact at all, they won’t have to click on any link or load any image or execute any file for this attack to happen.
A Forbes article quoted, Jason Kikta, chief information security officer at Automox, as saying that, given its nature, “this vulnerability poses a significant risk in endpoint-dense environments including hotels, trade shows, or anywhere else numerous devices connect to WiFi networks.” In such environments, it would be extremely easy for an attacker to target users without raising any red flags. Kikta added, “To protect against this vulnerability, it’s recommended that you apply the latest patches as soon as possible.”
Immediate Patch Priority: Security Expert
Kikta recommends that anyone who is using an end-of-life version of Windows without an extended service contract should update to a supported version as soon as possible. He said, “If patching immediately isn’t feasible, consider using network-level protections such as firewalls and intrusion detection systems to monitor and block suspicious activity. The risk of running outdated software cannot be overstated.”
If you are still not convinced to update as soon as possible then Kikta said that this close access vector threat “potentially bypasses network-based detections and mitigations.” Forbes quoted him as saying, “It circumvents most threat modelling, so this is an immediate patch priority for me.”
