Microsoft recently closed a security gap in the Windows Wi-Fi driver. The exploit would allow attackers to run malicious code on vulnerable systems via Wi-Fi. The vulnerability specifically affects Windows 10 and Windows 11, as well as all versions of Windows Server since 2008. An attacker does not need to have access to the target computer to exploit it.
The company says that there are no known active exploits for this vulnerability, but the attack is quite simple and has a level of «Important». An attacker only needs to be within range of the computer’s Wi-Fi to send a specially crafted network packet to the target computer and exploit the vulnerability.
The Wi-Fi attack bypasses all authentication protocols, does not require prior access rights, and does not require any interaction with the user. As a result, an attacker could plant malware on Windows users who connect to public Wi-Fi networks without being noticed — in hotels, airports, cafes, etc. Or, for example, simply walk up to the victim’s home.
The vulnerability is currently patched, but it requires a Windows update on Tuesday, June 11. However, almost certainly not everyone has updated, and such announcements can provoke attackers. The ease with which the exploit can be exploited is also a concern. The patch also addresses other vulnerabilities, including one that allowed remote unauthenticated attackers to run malicious code with elevated privileges.
Source: Tom`s Hardware