Recently, Microsoft patched a security vulnerability in the Wi-Fi driver for Windows. The exploit would have allowed attackers to run malicious code on vulnerable systems through Wi-Fi. The vulnerability affects specifically Windows 10 and Windows 11, as well as all versions of Windows Server starting from 2008.
The company states that there were actually no known active exploits for this vulnerability, however, the attack is fairly straightforward and is rated as "Important". An attacker just needs to be within the Wi-Fi range of the target computer to send a specially crafted network packet to the target computer and exploit the vulnerability.
The Wi-Fi attack bypasses all authentication protocols, does not require prior access rights, and does not require any user interaction at all. Therefore, an attacker could introduce malicious software to Windows users connected to public Wi-Fi networks - in hotels, airports, cafes, and the like - completely unnoticed. Or, for example, just approach the victim's home.
Currently, the vulnerability has been patched, but it requires updating Windows by Tuesday, June 11. However, it is almost certain that not everyone has updated, and such announcements may provoke attackers. The ease with which the exploit can be used also raises concerns. The patch also fixes other vulnerabilities, in particular one that allowed remote unauthenticated attackers to run malicious code with elevated privileges.
Source: Tom`s Hardware
Comments (0)
There are no comments for now