From pandasecurity.com
There are always risks when connecting to unknown public WiFi networks. Scammers will sometimes create ‘fake’ hotspots that capture and steal sensitive data from their unsuspecting victims. However, these scams only work when the hackers have complete control of the WiFi network.
Microsoft discovers a new variation
Microsoft recently identified a new vulnerability that could be exploited to compromise machines on any public WiFi network. The vulnerability (CVE-2024-30078) allows hackers to send a malicious packet to devices on the same Wi-Fi networks in locations such as airports, coffee shops, hotels, or workplaces.
Once the magic packet has been received by an unprotected computer, the hacker can remotely execute commands and access the system. Worse still, the whole process is invisible – there are no prompts or alerts that show something is wrong.
Fortunately, Microsoft has developed a fix. The patch for CVE-2024-30078 was included in the monthly update for June. Although Microsoft classifies this vulnerability as “Important” (the second highest rating), it still presents a significant risk to anyone who uses public WiFi networks.