A known vulnerability in the Windows Wi-Fi driver allowed attackers to install malware over a wireless network, bypassing all authentication protocols.
Wi-Fi Threat
Critical Security Flaw
Microsoft recently fixed a critical security hole in the wireless driver for Windows operating systems. Exploitation of this vulnerability allowed malicious actors to inject malicious code onto compromised computers over Wi-Fi. The threat affected Windows 10, Windows 11, and all versions of Windows Server starting in 2008. The attacker did not require physical access to the target device.
High risk of remote attacks
Microsoft has reported that there are currently no known cases of active use of this vulnerabilities by attackers. However, the attack itself is considered quite simple and is classified as a "critical". To implement it, the attacker must be within the coverage area of the victim's wireless network and send a specially crafted network packet to the target computer in order to exploit the security gap.
No authentication required
Wi-Fi attack bypassed all authentication protocols and did not required prior access rights or user interaction. Thus, attackers could undetectably inject malware onto Windows computers connected to public wireless networks in hotels, airports, cafes, and other public places. In addition, for an attack it was enough to simply approach the victim’s house.
Mitigation
The vulnerability has now been resolved, but requires the Windows update released on Tuesday, June 11th. However, it is likely that not all users installed this update in a timely manner, which could provoke a wave of attacks from cybercriminals, given the ease of exploitation of this vulnerability. The patch also closed other security holes, including one that allowed remote unauthenticated attackers to run malicious code with elevated privileges.
Glossary
- Microsoft is the largest transnational company producing proprietary software for various types of computing equipment.
- Windows is a family of proprietary operating systems from Microsoft.
- Wi-Fi is a wireless technology for transmitting data over networks based on IEEE 802.11 standards.
- Exploitation of a vulnerability (exploit) - the use of flaws in the software security system to cause harm.
Links
Answers to questions
Which Microsoft products are affected by this vulnerability?
How could an attacker exploit this vulnerability?
What risks were associated with this vulnerability?
Was this vulnerability known before?
How was this vulnerability fixed?
Hashtags
Save a link to this article
Discussion of the topic – Fix Windows Wi-Fi vulnerability and protect your system
Microsoft has released a critical security update to fix a serious vulnerability in the Wi-Fi driver for Windows 10, 11 and Server. This vulnerability allowed attackers to run malicious code over Wi-Fi without logging into the network.
Latest comments
8 comments
Write a comment
Your email address will not be published. Required fields are checked *
Марта
A really serious vulnerability! 💣 It's good that Microsoft quickly responded and released a patch. I hope everyone updates their systems as soon as possible.
Клаус
And I always have automatic updates turned on, so I'm safe. 😎 But it’s still creepy that attackers can so easily break into a computer via Wi-Fi!
Франческо
This once again proves that you need to be extremely careful when connecting to public Wi-Fi networks. 🚨 It's better to use a VPN or your mobile Internet.
Грумпи
Phew, all these new technologies are nothing but problems! 😒 In my time there was no Wi-Fi, and we lived peacefully. Why do we need the Internet at all?
Анна
Grumpy, don't say that! 🙃 The Internet opens up enormous opportunities for communication, work and entertainment. You just need to follow safety precautions.
Петр
I heard that there was a similar vulnerability last year. 😬 Microsoft clearly needs to do a better job of testing their drivers before releasing them.
Анна
Yes, Peter, you are right. This is not the first time. Now, I remembered: my friend told me that last year his computer was also “infected” via Wi-Fi at the airport. 😰 Then I barely pumped out the system.
Мария
Wow, terrible story! 😲 If I were your friend, I would sue Microsoft for negligence. Although I myself also try not to use public Wi-Fi without a VPN. Safety first!