Latest Windows update patches critical Wi-Fi vulnerability

From PC World: Windows updates don’t just exist to annoy you and make you reboot your computer twice as often as you normally would. They often include some actually important stuff.

This week’s update has a critical patch for a known Wi-Fi vulnerability, which Microsoft rates as an 8.8 out of 10 in terms of danger—so, go ahead and spin up Windows Update sooner rather than later.

As The Register reports, the CVE-2024-30078 bug fix prevents remote code execution (that means “running scary stuff on your PC from somewhere else”) via a Wi-Fi driver. The details of this vulnerability aren’t public, and it doesn’t appear to be being exploited “in the wild,” but Microsoft isn’t leaving things up to chance. Hackers might be able to figure it out now that it’s been addressed.

The same can’t be said for the critical CVE-2024-30080 patch, which allows remote code execution via the Microsoft Message Queuing system. This one’s dangerous enough that it gets a 9.8 rating, and it may be being exploited at the moment.

View: Full Article