TechMicrosoft addresses critical wi-fi vulnerability in June update

Microsoft addresses critical wi‑fi vulnerability in June update

Microsoft has released the June update package for Windows. The most notable patched vulnerability is the Wi-Fi handling vulnerability, which allows remote code execution by sending a malicious packet. There are additional vulnerabilities, and the updates are cumulative.

Windows Update: June updates
Windows Update: June updates
Images source: © Pixabay
Kamil J. Dudek

12 June 2024 15:56

The most critical vulnerability is CVE-2024-30080, another issue found in MSMQ, an optional component disabled by default in Windows (including server versions). MSMQ has been a recurring feature in the monthly security patch announcements for a long time, and its outdated implementation has not aged well.

Questionable CVSS

Next on the list is a vulnerability in a rarely patched component for speech recognition and synthesis (SAPI). Identified as CVE-2024-30097, it is a typical example of memory corruption. Similarly typical is Microsoft’s extensive use of definitions for assessing the severity of problems (CVSS). To exploit the vulnerability in SAPI, a logged-in user must click on a malicious link. However, the attack is classified as network-based and not requiring any privileges, based on the premise that the attacker did not need to log in. As a result, the vulnerability, rated at 8.8, is at the top of the list, even though it probably should not be.

Among the most critical vulnerabilities in June are two serious ones, CVE-2024-30064 and CVE-2024-30068, which allow bypassing the isolation of AppContainer. However, the real highlight is the vulnerability in the Windows Wi-Fi driver, CVE-2024-30078. It is unclear whether this issue affects a specific third-party driver integrated with the system, a generic driver, or the driver handling mechanism in general.

Wi-Fi issue - will there be more?

It is known that the attack involves sending a distorted network packet, which, when received by the Windows system, leads to remote code execution. The classification "adjacent" instead of "network" suggests that the range of the network adapter itself limits the problem's scope.

This means that the attacker must be near the victim—they cannot send a malicious packet from an unspecified location on the Internet. This indeed limits the severity of this specific problem, but attacks on the network stack are very serious matters in general. No firewalls, antivirus software, or blocked services can protect against them.

According to Microsoft, the Wi-Fi issue remains theoretical. There have been no confirmed exploits or attempts to exploit this vulnerability, so it should, therefore, be patched before that happens. The patch for CVE-2024-30078 was also released for Windows Server 2008, indicating that the issue affects all versions of Windows and showing that even six months after support ended, Server Vista still receives updates.

The update for Windows 11 (KB5039212) grew by seven megabytes over the month and currently is about 721MB. For Windows 10, it remains roughly the same size as in May.

© Daily Wrap
·

Downloading, reproduction, storage, or any other use of content available on this website—regardless of its nature and form of expression (in particular, but not limited to verbal, verbal-musical, musical, audiovisual, audio, textual, graphic, and the data and information contained therein, databases and the data contained therein) and its form (e.g., literary, journalistic, scientific, cartographic, computer programs, visual arts, photographic)—requires prior and explicit consent from Wirtualna Polska Media Spółka Akcyjna, headquartered in Warsaw, the owner of this website, regardless of the method of exploration and the technique used (manual or automated, including the use of machine learning or artificial intelligence programs). The above restriction does not apply solely to facilitate their search by internet search engines and uses within contractual relations or permitted use as specified by applicable law.Detailed information regarding this notice can be found  here.