An issue is occurring in Windows that could allow an attacker to execute code on a nearby PC, without any interaction from the victim.
The problem lies in the wifi network card and carries the vulnerability code CVE-2024-30078. It was discovered by Chinese Cyber Kunlun and was also confirmed by Microsoft.
The wifi vulnerability is dangerous for several reasons. This means that a hacker only needs to be in physical proximity to a device to exploit the bug and execute code remotely. It appears that the attacker also does not have to be connected to the same network as the victim, although this was not explicitly stated.
Additionally, no interaction is necessary. If the hacker wants to run code on the victim’s computer, they should not click on a link, open or download a file. You just need to be close to a hacker with a functional device to be attacked.
To resolve the issue, a fix is included in the most recent Patch Tuesday update for Windows. Anyone who does not install it automatically is recommended to do so this time as soon as possible.
Finally, the technique works on almost all versions of Windows and Windows Server.
