Windows Update a Must For Wi-Fi Threat
The latest Windows update fixes a nasty bug that could put users at risk when connected to public WiFi. An attacker could exploit it simply by using the same network.
The bug, with the reference number CVE-2024-30078, is rated as "important" by Microsoft. That rating takes into account both how easy it is to exploit and how much damage it would do. (Source: microsoft.com)
The problem is with WiFi drivers, used to make Windows work with the hardware in a computer (usually a laptop) to connect to a wireless network. It would allow hackers to take advantage of the way Internet data is broken up into small chunks known as packets.
It appears that the driver bug means a computer might accept an unknown packet, overriding the usual safeguard that the packet's source should first be identified and authenticated.
Malware Likely
That means an attacker could send a packet containing data that enables remote code execution. That gives the attacker the ability to install malware, for example, to gather personal data, spread a virus to new victims, or encrypt files in a ransomware attack.
An attacker would only have to be close enough to be in wireless range of the victim's computer. However, they would have to be on the same network. That means an attack would be best suited to a public WiFi network that's either unprotected or where the password is public knowledge.
Older Routers using WEP and WPA are Considered Dangerous
It would be rare for the exploit to be carried out on a home network with password protection, unless the password was known or cracked - or if the network has outdated network security (such as the WEP or the WPA protocol), which would be typical on older routers.
In Windows 10 and 11, you may see a wireless network with an exclamation mark next to it instead of a lock. This indicates a network that is password protected but uses a security protocol that is no longer secure.
Technically speaking, you can still use a wireless network with WEP or WPA enabled, but the password can be cracked. In this case, an attacker could gain access to the network and execute the CVE-2024-30078 exploit. In real-world terms, however, it would be very unlikely this would happen (especially on a home network), compared with a public network that may serve hundreds or thousands of people (such as a mall or coffee shop, for example).
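One way to check which Wi-Fi networks saved on a Windows machine fall into the categories described above (no password, WEP or WPA), as an added example that is not from the original article. It assumes English-language netsh output; the function name Get-WlanProfileRisk and the sample profile text are constructed for illustration.

```powershell
# Added example (not from the article): flag saved Wi-Fi profiles that use
# no password, WEP or WPA. Assumes English netsh output (labels are localized).
function Get-WlanProfileRisk {
    param([string]$Name, [string]$ProfileText)

    # Take the first "Authentication" and "Cipher" lines of the Security settings block.
    $auth   = if ($ProfileText -match '(?m)^\s*Authentication\s*:\s*(.+?)\s*$') { $Matches[1] } else { 'Unknown' }
    $cipher = if ($ProfileText -match '(?m)^\s*Cipher\s*:\s*(.+?)\s*$')         { $Matches[1] } else { 'Unknown' }

    $risk = switch -Regex ($auth) {
        '^Open$'   { if ($cipher -eq 'WEP') { 'WEP (crackable)' } else { 'Open (no password)' }; break }
        '^Shared$' { 'WEP (crackable)'; break }
        '^WPA-'    { 'WPA (outdated)'; break }
        '^WPA[23]' { if ($cipher -eq 'TKIP') { 'TKIP cipher (outdated)' } else { 'OK' }; break }
        default    { 'Review manually' }
    }
    [pscustomobject]@{ Profile = $Name; Authentication = $auth; Cipher = $cipher; Risk = $risk }
}

# Constructed sample of one profile's security block (not real output).
$sample = @"
Security settings
-----------------
    Authentication         : WPA-Personal
    Cipher                 : TKIP
    Security key           : Present
"@
Get-WlanProfileRisk -Name 'constructed-sample' -ProfileText $sample

# Live use on a Windows machine: list saved profiles, then classify each one.
$names = netsh wlan show profiles |
    Select-String 'All User Profile\s*:\s*(.+)$' |
    ForEach-Object { $_.Matches[0].Groups[1].Value.Trim() }

foreach ($name in $names) {
    $text = (netsh wlan show profile name="$name") -join "`n"
    Get-WlanProfileRisk -Name $name -ProfileText $text
}
```

Profiles reported as anything other than OK are candidates for removal from the saved list, or for a router upgrade if the network is your own.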
Patch Immediately
The bug affects all supported versions of Windows including 10 and 11. At the time Microsoft issued the patch, the bug hadn't been publicly disclosed and there was no evidence it was being exploited. Given the potential damage and the huge number of potential victims, it's highly likely would-be hackers will now try to figure out and exploit the bug before users update their machines. (Source: theregister.com)
As usual, the updates should install automatically for users with default Windows settings. Users can check for outstanding updates or manually install the patches in the Windows Update section of the Windows settings app.
What's Your Opinion?
Are you surprised Microsoft didn't rate this as a "critical" threat, the top level of its rating system? Do you use public WiFi regularly? What measures do you take to avoid security threats when taking your laptop outside of your home?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years' experience; I also run this website! If you need technical assistance, I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).