Author Topic: RCE in WiFi driver, all supported versions of Windows  (Read 220 times)

0 Members and 1 Guest are viewing this topic.

Offline golden_labelsTopic starter

  • Super Contributor
  • ***
  • Posts: 1286
  • Country: pl
RCE in WiFi driver, all supported versions of Windows
« on: June 16, 2024, 10:27:21 pm »
CVE-2024-30078 (GHSA)

People imagine AI as T1000. What we got so far is glorified T9.
 

Offline SiliconWizard

  • Super Contributor
  • ***
  • Posts: 14892
  • Country: fr
Re: RCE in WiFi driver, all supported versions of Windows
« Reply #1 on: June 19, 2024, 01:47:01 am »
Yep, that's a nice one.
 

Offline Ranayna

  • Frequent Contributor
  • **
  • Posts: 884
  • Country: de
Re: RCE in WiFi driver, all supported versions of Windows
« Reply #2 on: June 19, 2024, 02:22:55 pm »
Microsoft lists Server 2008 as affected.
That makes it extremely likely that Windows 7 is also affected by this issue. And i wouldn't expect Windows 7 to get an update to fix the problem. Maybe someone can hack the Server 2008 patch.
If that is not possible, that marks the end of any reasonable usability of windows 7 systems that rely on wireless connectivity
 

Offline golden_labelsTopic starter

  • Super Contributor
  • ***
  • Posts: 1286
  • Country: pl
Re: RCE in WiFi driver, all supported versions of Windows
« Reply #3 on: June 19, 2024, 02:57:22 pm »
I wonder, if versions before 6.x are affected. WindowsXP SP3 is still widely used in niche applications and they do use WiFi.

Perhaps barcode scanners in stores and screens with advertisements are not high-value targets. Defacing is the primary concern and the PR branch will cover up for that. As far as I understand the attack also requires having access to the network, which reduces its usability against such targets. After all many of them don’t use encryption and are vulnerable to rogue DHCPs in the first place, requiring no sophisticated attacks. But this could still be an interesting situation.
People imagine AI as T1000. What we got so far is glorified T9.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf