The Download
One vulnerability patched in the June Patch Tuesday announcement that may have escaped your attention is a severe vulnerability in Microsoft Windows that can give a hacker on the same wifi network unauthorized access to your machine. The vulnerability tracked as CVE-2024-30078 has CVSS score of 8.8 out of 10. The vulnerability is particularly dangerous because the attacker needs no interaction with the victim in order to compromise the machine. If you are always working from home or in an office with trusted people, the risk is less. But if you are working from an airport, coffee shop, library, campus network, or other public place wifi network, this vulnerability is one that you need to patch.
What You Can Do
The vulnerability affects all versions of Windows. So if you are taking your Windows laptop out and connecting to a public wifi, you are at risk. Fortunately, a patch for this vulnerability is available. Your first step is to understand your attack surface. Laptops are often overlooked because they may not necessarily be connected to the network when a network scan happens. ThreatMate can identify vulnerable machines on and off the network.
To Learn More: