Products > Security

RCE in WiFi driver, all supported versions of Windows


CVE-2024-30078 (GHSA)

Yep, that's a nice one.

Microsoft lists Server 2008 as affected.
That makes it extremely likely that Windows 7 is also affected by this issue. And i wouldn't expect Windows 7 to get an update to fix the problem. Maybe someone can hack the Server 2008 patch.
If that is not possible, that marks the end of any reasonable usability of windows 7 systems that rely on wireless connectivity

I wonder, if versions before 6.x are affected. WindowsXP SP3 is still widely used in niche applications and they do use WiFi.

Perhaps barcode scanners in stores and screens with advertisements are not high-value targets. Defacing is the primary concern and the PR branch will cover up for that. As far as I understand the attack also requires having access to the network, which reduces its usability against such targets. After all many of them don’t use encryption and are vulnerable to rogue DHCPs in the first place, requiring no sophisticated attacks. But this could still be an interesting situation.


[0] Message Index

There was an error while thanking
Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod