As part of their June 2024 patch update, Microsoft announced a vulnerability (CVE-2024-30078) in all modern-day versions of Windows that could allow an attacker to run malicious software directly on your computer, just by connecting to the same Wi-Fi network.
Once attackers have discovered a way to exploit this vulnerability, they could change your Windows configuration so that you and the attacker are on the same network, allowing them to use remote access to get into your computer.
From there, this vulnerability could serve up malicious software in a ‘worm’ style of attack, the kind we have not seen for some time. A worm is a type of malware that automatically self-replicates, spreading without human interaction.
Why it matters — Once an exploit is active, it could have serious repercussions for those working in hybrid/home scenarios where less trusted devices such as family PC’s or home routers are mixing with corporate trusted devices like company laptops. Once a device has been infected, your next day in the office could spread the worm to unpatched peers on the same Wi-Fi network.
Read: New Wi-Fi Takeover Attack—All Windows Users Warned To Update Now
Read: Threat Actor Claims to Sell Exploit for Windows WiFi RCE (CVE-2024-30078)
What you should know — The exploitation has not begun, and a patch is available. To prepare your firm, you must:
- Verify your asset inventory is accurate and accounts for all your Windows devices.
- Follow your patch management policy and correctly apply your update schedule to all devices.
- Close the process with the correct governance and review of your reports, tackle any outsider devices within your allowed time limits.
Windows CVE-2024-30078 Vulnerability is a perfect demonstration of identifying and protecting your business from attacks. Thoroughly applying your written policies with sufficient due diligence is a much simpler process than the management of a cyber incident.
Read: Windows Wi-Fi Driver Remote Code Execution Vulnerability
Contact Drawbridge today to discuss your Information Security Policies and how to best develop the right procedures for your IT/MSP to follow.
