Urgent Windows security flaw lets hackers infect your PC over Wi-Fi — update right now

LG Gram 17 Pro (2023) review unit on table outdoors running Windows 11
(Image credit: Tom's Guide)

Hackers often use malicious documents or pirated software as a means of getting their malware onto vulnerable devices, but a new Windows flaw could let them do so over Wi-Fi.

As reported by Forbes, this new Wi-Fi vulnerability (tracked as CVE-2024-30078) affects all versions of Windows, and if exploited, it can be used by an attacker to infect vulnerable PCs with malware.

The flaw itself has a CVSS score of 8.8 out of 10, and what makes it particularly dangerous is the fact that an attacker doesn’t need physical access to a target system. They do however have to be on the same Wi-Fi network to exploit it.

Here’s everything you need to know about this new critical flaw along with some tips on how to keep your own Windows PC or laptop safe from hackers.

Making public Wi-Fi an even greater threat

In an update guide on its site, Microsoft confirmed that no special obligations need to be met to exploit this flaw except for the hacker being close to a target and on the same Wi-Fi network. They also don’t have to be authenticated nor do they need access to any settings or files on a victim’s PC.

To make matters worse, an exploit for this new Wi-Fi flaw doesn’t require any interaction from a potential victim at all. This means that users don’t need to click on a link in a phishing email or to download a malicious attachment for this to work.

For those working from home or at the office, this type of vulnerability is far less concerning. However, if you often use one of the best Windows laptops out in public — say at a coffee shop or in the airport — then you’d be more likely to fall victim to an attack exploiting this flaw.

Though often free, public Wi-Fi presents its own dangers, even without a flaw like this potentially being used in cyberattacks. This is why I highly recommend using one of the best VPNs when connected to public Wi-Fi networks. If you haven’t signed up for one yet or didn’t download its client before your big trip, then you’re going to want to avoid logging into sensitive sites on your laptop like your online banking account when connected to public Wi-Fi. Instead, you should use your phone and your own mobile data plan.

The good news here is that exploitation of this vulnerability is considered “less likely” by Microsoft. However, now that news about this flaw is out in the open, enterprising hackers could try to develop an exploit for it. The second bit of good news is that Microsoft has already patched this flaw along with 48 other vulnerabilities as part of its June 2024 Patch Tuesday updates.

How to keep your Windows PC safe from malware

The Microsoft Defender Antivirus, aka Windows Defender, logo on the display of a laptop sitting on a table or desk.

(Image credit: monticello/Shutterstock)

Just like with your smartphone, the easiest and simplest way to avoid falling victim to malware on your Windows PC is to keep your machine updated and running the latest software. Microsoft releases new security updates on the second Tuesday of every month and you can use this timeline for when to update your desktop or laptop.

From here, you should ensure that Windows Defender is enabled on your computer. This free antivirus software from Microsoft has really improved over the years and it now does a great job of catching the latest threats before they can do damage to your PC. For even more protection though, you should consider signing up for one of the best antivirus software solutions. Paid antivirus software is usually updated more regularly, plus you often get access to a VPN, password manager and other extras to help you stay safe online.

New vulnerabilities like the one described above crop up fairly often, but if you stay on top of things and update your PC regularly, your devices and your data should be safe from any attacks exploiting them.

More from Tom's Guide

TOPICS
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

  • Fox Tread3
    June 18, 2024 - The best part of this article is - "New vulnerabilities like the one described above crop up fairly often, but if you stay on top of things and update your PC regularly, your devices and your data should be safe from any attacks exploiting them." While the explote discussed in the article is not to be taken lightly. The point is that the hackers have to gain access to a Wi-Fi network. I would like to believe that just about anyone that owns a Wi-Fi network has it locked down. "Free Wi-Fi" in public areas has been problematic for years if not decades, for the naive and Tech "uninformed".
    Reply