Windows flaw lets hackers sneak into your PC over Wi-Fi

Hackers exploit public Wi-Fi networks to send malicious files to your PC

Use your personal hot spot rather than public Wi-Fi to protect your privacy

A hot spot allows you to share your iPhone’s cellular data with other devices, such as your laptop or tablet.

A new security issue was found in the Windows Wi-Fi driver that let hackers break into your PC through wireless networks. 

This flaw, which is now fixed, allowed attackers to run malicious programs on affected computers. It impacted all modern versions of Windows and Windows Server, and the hackers didn't need to have any previous access to the target computer.

Fortunately, Microsoft has released a security update that addresses this Wi-Fi driver vulnerability. However, it's crucial to keep your software up to date and follow best practices to minimize the risk of such attacks.

We'll provide tips below on what you should do to protect yourself if a similar issue arises in the future.

GET SECURITY ALERTS, EXPERT TIPS - SIGN UP FOR KURT’S NEWSLETTER - THE CYBERGUY REPORT HERE

laptops

Windows laptop computers  (Microsoft)

What you need to know about the security flaw

Microsoft labeled the vulnerability CVE-2024-30078 with a maximum severity of "Important." It is described as a "Windows Wi-Fi Driver Remote Code Execution Vulnerability." If we break down these terms, you'd understand that the flaw allows an attacker within Wi-Fi range of your computer to send a specially crafted network packet to the target and exploit your PC.

This vulnerability is dangerous because it can bypass all security checks, doesn't need special permissions and requires no action from the user. For example, imagine you're at a cafe using its public Wi-Fi. You'd expect some security measures to protect your device. But with this vulnerability, an attacker could easily sneak malware onto your laptop without you knowing. You wouldn't have to click anything or give permission — just being connected to the Wi-Fi is enough. This could happen at any public hot spot, like at hotels, airports or cafes, putting many people at risk.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

Microsoft admitted there weren't any known active attacks utilizing this security hole. However, it described the vulnerability itself as fairly easy to exploit. While Microsoft downplays the immediate risk, these announcements can sometimes attract malicious hackers. The vulnerability affects every supported version of Windows, including unpatched versions of Windows 10 and Windows 11. It also affects all Windows Server versions from 2008 onward.

woman with laptop

A woman working  (Kurt "CyberGuy" Knutsson)

DON’T LET SNOOPS NEARBY LISTEN TO YOUR VOICEMAIL WITH THIS QUICK TIP

Microsoft’s response to its security vulnerability

On June 11, Microsoft released a patch that eliminates the security vulnerability. This patch also addresses 49 CVEs across Windows and its components, Office and its components, Azure Dynamic Business Central and Visual Studio. This is applicable if you are using a version of Windows that still receives security updates. If you are using an end-of-life version of Windows without an extended service contract, it is recommended to update to a supported version as soon as possible.

Update your Windows software now

In light of the recently discovered and patched Wi-Fi driver vulnerability, it is crucial for all Windows users to promptly update their software to ensure maximum protection against potential cyber threats. Keeping your operating system and other software up to date is one of the most effective ways to safeguard your devices from known vulnerabilities and security flaws. To update your Windows software and benefit from the latest security patches, follow these simple steps:

For Windows 10 and Windows 11

  • Click on the Start menu and select "Settings" (or press the Windows key + I shortcut).
  • In the Settings window, click on "Update & Security."
  • Under the "Windows Update" section, click on "Check for updates."
  • If updates are available, including the patch for the Wi-Fi driver vulnerability, Windows will download and install them automatically.
  • Once the installation is complete, you may be prompted to restart your computer to apply the updates.

For Windows 8.1 and earlier versions

  1. Open the Control Panel and navigate to "System and Security."
  2. Under the "Windows Update" section, click on "Check for updates."
  3. If updates are available, including the patch for the Wi-Fi driver vulnerability, select them and click "Install updates."
  4. Follow the on-screen instructions to complete the installation process.
  5. Restart your computer if prompted to apply the updates.

By keeping your Windows software up to date, you not only protect yourself from the recently discovered Wi-Fi driver vulnerability but also ensure that your system is fortified against other known security threats. Regular software updates are essential for maintaining a secure and reliable computing environment. Remember, cybercriminals are constantly seeking new ways to exploit vulnerabilities, so it's crucial to stay vigilant and promptly install updates as they become available. 

A LAPTOP

Windows laptop  (Microsoft)

CYBER SCAMMERS USE AI TO MANIPULATE GOOGLE SEARCH RESULTS 

Six ways to protect yourself from Wi-Fi cyberattacks

There are many ways a Wi-Fi network can be exploited by bad actors. However, you can protect yourself by following these steps.

1. Enable encryption: WPA2 and WPA3 (Wi-Fi-protected access) are the standard encryptions now. If your network is using WEP (wired equivalent privacy) security, this is outdated. New routers should automatically come with WPA2 or WPA3 encryption, but you may have to enable it to be sure your router is secure. Your wireless network manual will show you how to enable this on your particular network, but be sure to do so so your Wi-Fi requires a password.

2. Update your Wi-Fi password often: When you first set up a new router, it will come with a pre-set Wi-Fi router name and password. Be sure to change this as soon as you set it up and use a strong password. Always make sure your network requires a password to log in. It’s also important to change this information regularly. This makes it harder for anyone to hack into your network. Use these Best Password Managers for 2024 to help create and store your passwords.

3. Update firmware and software: As with computers and phones, it’s essential to keep your software up to date to help protect against security threats. Always run the latest software. Some routers will call this firmware, so make sure to keep that updated.

4. Install a strong antivirus program: Hackers often gain access to devices by sending infected emails or documents or tricking users into clicking a link that downloads malware. You can avoid all of this by installing antivirus software that will detect any potential threat before it can take over your device or router. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

5. Pick a secure router: If you’re in the market for a new router, check out my list of top routers. These routers are recommended not only for their security features but also for their compatibility with VPN service providers.

6. Use a VPN: A Virtual Private Network (VPN) can provide an additional layer of security, especially when accessing your network remotely. For best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices 

Remember, while no system can be completely invulnerable, these steps can significantly reduce the risk of cyberattacks on your Wi-Fi network.

Kurt’s key takeaway

The Wi-Fi driver flaw on Windows is particularly concerning because it gives bad actors an open invitation to exploit your computer. Since Microsoft has now made the vulnerability public, cybercriminals may try to exploit it even though the Redmond-based company says it has patched it. As a rule of thumb, avoid using public Wi-Fi networks you don’t trust. If necessary, connect to a VPN, turn off file sharing, and disable auto-connect.

Do you often use public Wi-Fi networks? If yes, do you take any measures to protect your digital privacy and safety? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you'd like us to cover

Follow Kurt on his social channels

Answers to the most asked CyberGuy questions:

Copyright 2024 CyberGuy.com.  All rights reserved.

Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Authored by Kurt Knutsson, Cyberguy Report via FoxNews June 15th 2024