Windows flaw lets hackers sneak into your PC over Wi-Fi

Windows flaw lets hackers sneak into your PC over Wi-Fi

Hackers exploit public Wi-Fi networks to send malicious files to your PC

by Kurt Knutsson

A new security issue was found in the Windows Wi-Fi driver that let hackers break into your PC through wireless networks. This flaw, which is now fixed, allowed attackers to run malicious programs on affected computers. It impacted all modern versions of Windows and Windows Server, and the hackers didn’t need to have any previous access to the target computer.

Fortunately, Microsoft has released a security update that addresses this Wi-Fi driver vulnerability. However, it’s crucial to keep your software up-to-date and follow best practices to minimize the risk of such attacks.

We’ll provide tips below on what you should do to protect yourself if a similar issue arises in the future.

 

What you need to know about the security flaw

Microsoft labeled the vulnerability as CVE-2024-30078 with a maximum severity of “Important.” It is described as a “Windows Wi-Fi Driver Remote Code Execution Vulnerability.” If we break down these terms, you’d understand that the flaw allows an attacker within Wi-Fi range of your computer to send a specially crafted network packet to the target and exploit your PC.

This vulnerability is dangerous because it can bypass all security checks, doesn’t need special permissions, and requires no action from the user. For example, imagine you’re at a cafe using their public Wi-Fi. You’d expect some security measures to protect your device. But with this vulnerability, an attacker could easily sneak malware onto your laptop without you knowing. You wouldn’t have to click anything or give permission—just being connected to the Wi-Fi is enough. This could happen at any public hotspot, like at hotels, airports, or cafes, putting many people at risk.

Microsoft admitted there weren’t any known active attacks utilizing this security hole. However, it described the vulnerability itself as fairly easy to exploit. While Microsoft downplays the immediate risk, these announcements can sometimes attract malicious hackers. The vulnerability affects every supported version of Windows, including unpatched versions of Windows 10 and Windows 11. It also affects all Windows Server versions from 2008 onward.

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter.

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.
Tips to avoid our newsletters going to your junk folder

A person looking at a laptop

DON’T LET SNOOPS NEARBY LISTEN TO YOUR VOICEMAIL WITH THIS QUICK TIP

 

Microsoft’s response to their security vulnerability

On June 11, Microsoft released a patch that eliminates the security vulnerability. This patch also addresses 49 CVEs across Windows and its components, Office and its components, Azure Dynamic Business Central, and Visual Studio. This is applicable if you are using a version of Windows that still receives security updates. If you are using an end-of-life version of Windows without an extended service contract, it is recommended to update to a supported version as soon as possible.

Windows laptops against a colorful background.

Microsoft

 

Update your Windows software now

In light of the recently discovered and patched Wi-Fi driver vulnerability, it is crucial for all Windows users to promptly update their software to ensure maximum protection against potential cyber threats. Keeping your operating system and other software up-to-date is one of the most effective ways to safeguard your devices from known vulnerabilities and security flaws. To update your Windows software and benefit from the latest security patches, follow these simple steps:

For Windows 10 and Windows 11

  • Click on the Start menu and select “Settings” (or press the Windows key + I shortcut).
  • In the Settings window, click on “Update & Security.”
  • Under the “Windows Update” section, click on “Check for updates.”
  • If updates are available, including the patch for the Wi-Fi driver vulnerability, Windows will download and install them automatically.
  • Once the installation is complete, you may be prompted to restart your computer to apply the updates.

For Windows 8.1 and Earlier Versions

  1. Open the Control Panel and navigate to “System and Security.”
  2. Under the “Windows Update” section, click on “Check for updates.”
  3. If updates are available, including the patch for the Wi-Fi driver vulnerability, select them and click “Install updates.”
  4. Follow the on-screen instructions to complete the installation process.
  5. Restart your computer if prompted to apply the updates.

By keeping your Windows software up-to-date, you not only protect yourself from the recently discovered Wi-Fi driver vulnerability but also ensure that your system is fortified against other known security threats. Regular software updates are essential for maintaining a secure and reliable computing environment. Remember, cybercriminals are constantly seeking new ways to exploit vulnerabilities, so it’s crucial to stay vigilant and promptly install updates as they become available.

A Windows laptop on a table

Microsoft

 

CYBER SCAMMERS USE AI TO MANIPULATE GOOGLE SEARCH RESULTS

 

6 ways to protect yourself from Wi-Fi cyberattacks

There are many ways a Wi-Fi network can be exploited by bad actors. However, you can protect yourself by following these steps.

1) Enable encryption: WPA2 and WPA3 (WiFi-protected access) are the standard encryptions now. If your network is using WEP (wired equivalent privacy) security, this is outdated. New routers should automatically come with WPA2 or WPA3 encryption, but you may have to enable it to be sure your router is secure. Your wireless network manual will show you how to enable this on your particular network, but be sure to do so so your Wi-Fi requires a password.

2) Update your WiFi password often: When you first set up a new router, it will come with a pre-set Wi-Fi router name and password. Be sure to change this as soon as you set it up and use a strong password. Always make sure your network requires a password to log in. It’s also important to change this information regularly. This makes it harder for anyone to hack into your network. Use these Best Password Managers for 2024 to help create and store your passwords.

3) Update firmware and software: As with computers and phones, it’s essential to keep your software up to date to help protect against security threats. Always run the latest software, some routers will call this firmware – so make sure to keep that updated.

4) Install a strong antivirus program: Hackers often gain access to devices by sending infected emails or documents or tricking users into clicking a link that downloads malware. You can avoid all of this by installing antivirus software that will detect any potential threat before it can take over your device or router.

Since this specific malware can affect Windows and Macs, use an antivirus program like our #1 pick TotalAV (Limited time deal for CyberGuy readers: $19 your first year (80% off), which offers real-time protection on all types of devices. 

Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

Best Antivirus Protection 2024

5) Pick a secure router: If you’re in the market for a new router, check out my list of top routers. These routers are recommended not only for their security features but also for their compatibility with VPN service providers.

6) Use a VPN: A Virtual Private Network (VPN) can provide an additional layer of security, especially when accessing your network remotely.

My top recommendation is ExpressVPN. It has a quick and easy setup, is available in 105 countries, and will not log your IP address, browsing history, traffic destination or metadata, or DNS queries.

Right now you can get 3 extra months FREE with a 12-month ExpressVPN plan. That’s just $6.67 per month, a savings of 49%!  Try 30 days risk-free.

For best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android & iOS devices

Best VPNs for browsing the web privately 2024

 

Remember, while no system can be completely invulnerable, these steps can significantly reduce the risk of cyberattacks on your Wi-Fi network.

 

Kurt’s key takeaway

The Wi-Fi driver flaw on Windows is particularly concerning because it gives bad actors an open invitation to exploit your computer. Since Microsoft has now made the vulnerability public, cybercriminals may try to exploit it even though the Redmond-based company says it has patched it. As a rule of thumb, avoid using public Wi-Fi networks you don’t trust. If necessary, connect to a VPN, turn off file sharing, and disable auto-connect.

Do you often use public Wi-Fi networks? If yes, do you take any measures to protect your digital privacy and safety? Let us know in the comments below.

FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

 

Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.


   

Leave a Comment

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder