Urgent Windows security flaw lets hackers infect your PC over Wi-Fi — update right now

Hackers often use malicious documents or pirated software as a means of getting their malware onto vulnerable devices, but a new Windows flaw could let them do so over Wi-Fi.

As reported by Forbes, this new Wi-Fi vulnerability (tracked as CVE-2024-30078) affects all versions of Windows, and if exploited, it can be used by an attacker to infect vulnerable PCs with malware.

The flaw itself has a CVSS score of 8.8 out of 10, and what makes it particularly dangerous is the fact that an attacker doesn’t need physical access to a target system. They do, however, have to be on the same Wi-Fi network to exploit it.

Here’s everything you need to know about this new critical flaw along with some tips on how to keep your own Windows PC or laptop safe from hackers.

Making public Wi-Fi an even greater threat

In an update guide on its site, Microsoft confirmed that no special conditions need to be met to exploit this flaw, other than the hacker being close to a target and on the same Wi-Fi network. The hacker also doesn’t have to be authenticated, nor do they need access to any settings or files on a victim’s PC.

To make matters worse, an exploit for this new Wi-Fi flaw doesn’t require any interaction from a potential victim at all. This means that users don’t need to click on a link in a phishing email or to download a malicious attachment for this to work.

For those working from home or at the office, this type of vulnerability is far less concerning. However, if you often use one of the best Windows laptops out in public — say at a coffee shop or in the airport — then you’d be more likely to fall victim to an attack exploiting this flaw.

Though often free, public Wi-Fi presents its own dangers, even without a flaw like this potentially being used in cyberattacks. This is why I highly recommend using one of the best VPNs when connected to public Wi-Fi networks. If you haven’t signed up for one yet or didn’t download its client before your big trip, then you’re going to want to avoid logging into sensitive sites on your laptop like your online banking account when connected to public Wi-Fi. Instead, you should use your phone and your own mobile data plan.

The good news here is that exploitation of this vulnerability is considered “less likely” by Microsoft. However, now that news about this flaw is out in the open, enterprising hackers could try to develop an exploit for it. The second bit of good news is that Microsoft has already patched this flaw along with 48 other vulnerabilities as part of its June 2024 Patch Tuesday updates.

How to keep your Windows PC safe from malware

Just like with your smartphone, the easiest and simplest way to avoid falling victim to malware on your Windows PC is to keep your machine updated and running the latest software. Microsoft releases new security updates on the second Tuesday of every month and you can use this timeline for when to update your desktop or laptop.

From here, you should ensure that Windows Defender is enabled on your computer. This free antivirus software from Microsoft has really improved over the years and it now does a great job of catching the latest threats before they can do damage to your PC. For even more protection though, you should consider signing up for one of the best antivirus software solutions. Paid antivirus software is usually updated more regularly, plus you often get access to a VPN, password manager and other extras to help you stay safe online.

New vulnerabilities like the one described above crop up fairly often, but if you stay on top of things and update your PC regularly, your devices and your data should be safe from any attacks exploiting them.

Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

  • Fox Tread3
    June 18, 2024 - The best part of this article is - "New vulnerabilities like the one described above crop up fairly often, but if you stay on top of things and update your PC regularly, your devices and your data should be safe from any attacks exploiting them." While the exploit discussed in the article is not to be taken lightly, the point is that the hackers have to gain access to a Wi-Fi network. I would like to believe that just about anyone that owns a Wi-Fi network has it locked down. "Free Wi-Fi" in public areas has been problematic for years if not decades, for the naive and Tech "uninformed".