TechMicrosoft's June patch includes critical Wi-Fi vulnerability fix

Microsoft's June patch includes critical Wi‑Fi vulnerability fix

Microsoft released the June update package for Windows. Among the patched vulnerabilities, the most interesting is the Wi-Fi handling vulnerability. It is possible to execute code remotely by sending a malicious packet. There are more vulnerabilities, and the updates are cumulative.

Windows Update: June updates
Windows Update: June updates
Images source: © Pixabay
Kamil J. Dudek

The most critical vulnerability is CVE-2024-30080, an issue found in MSMQ, an optional component disabled by default in Windows (including server versions). MSMQ has long been a recurring element in the monthly security patch announcements, but its outdated implementation has not aged well.

Questionable CVSS

Next on the list is a vulnerability in a rarely patched component for speech recognition and synthesis (SAPI). The vulnerability, CVE-2024-30097, is a typical example of memory corruption. Similarly, Microsoft’s overuse of definitions for assessing the severity of problems (CVSS) is usual. To exploit the vulnerability in SAPI, a (logged-in, of course) user must click on a malicious link. However, the attack has been classified as network-based and does not require any privileges - based on the premise that the attacker does not need to log in. As a result, the vulnerability, rated at 8.8, is at the top of the list, even though it should not be.

Among the most important vulnerabilities in June are two serious vulnerabilities, CVE-2024-30064 and CVE-2024-30068, that allow bypassing the isolation of AppContainer. However, the real highlight is the vulnerability in the Windows Wi-Fi driver, CVE-2024-30078. The document does not state whether this issue affects a specific third-party driver integrated with the system, a generic driver, or the driver handling mechanism in general.

Wi-Fi issue - will there be more?

It is known, however, that the attack involves sending a distorted network packet, which, when received by the Windows system, leads to remote code execution. The classification "adjacent" instead of "network" suggests that the range of the network adapter itself limits the problem's scope.

This means the attacker must be near the victim - they cannot send a malicious packet from an unspecified online location. This limits the severity of this specific problem, but attacks on the network stack are a grave matter. No firewalls, antivirus software, or blocked services can protect against them.

According to Microsoft, the Wi-Fi issue remains theoretical. There have been no confirmed exploits or attempts to exploit this vulnerability, so it should, therefore, be patched before that happens. The patch for CVE-2024-30078 was also released for Windows Server 2008, indicating that the issue affects all versions of Windows and showing that even six months after support ended, server Vista still receives updates.

The update for Windows 11 (KB5039212) grew by seven megabytes over the month and currently weighs 721MB. For Windows 10, it remains approximately the same size as in May.

© Daily Wrap
·

Downloading, reproduction, storage, or any other use of content available on this website—regardless of its nature and form of expression (in particular, but not limited to verbal, verbal-musical, musical, audiovisual, audio, textual, graphic, and the data and information contained therein, databases and the data contained therein) and its form (e.g., literary, journalistic, scientific, cartographic, computer programs, visual arts, photographic)—requires prior and explicit consent from Wirtualna Polska Media Spółka Akcyjna, headquartered in Warsaw, the owner of this website, regardless of the method of exploration and the technique used (manual or automated, including the use of machine learning or artificial intelligence programs). The above restriction does not apply solely to facilitate their search by internet search engines and uses within contractual relations or permitted use as specified by applicable law.Detailed information regarding this notice can be found  here.