Microsoft Addresses Critical Wi-Fi Driver Vulnerability

Why you need this article

Microsoft recently addressed a significant security risk affecting Windows Wi-Fi drivers. The vulnerability, catalogued as CVE-2024-30078, carries a CVSS severity score of 8.8 and affects various Windows versions from Server 2008 to the latest Windows 11.

Any unauthenticated attacker within Wi-Fi range can exploit this vulnerability by sending a malicious network packet to execute code remotely on a targeted machine. This opens the door for nefarious actions without user interaction, requiring only physical proximity to the network.

Affected versions include:

• Windows Server editions from 2008 through 2022
• Numerous versions of Windows 10 and Windows 11

To update your system:

1. Go to Settings
2. Select Update & Security
3. Check for updates

If your Windows version is still supported, you’ll receive the necessary patch to secure your Wi-Fi driver.

Microsoft’s June 2024 Patch Tuesday included a security update fixing this bug, among others. For an extensive list of affected versions and specific details, refer to Microsoft’s official release notes. (link)

Microsoft Patch Tuesday Highlights

Microsoft’s Patch Tuesday update for June 2024 addresses 48 other significant vulnerabilities across Windows, Azure, and Microsoft Office platforms. Notable high-severity vulnerabilities include:

Vulnerability	Description	CVSS Score
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability (CVE-2024-30080)	Allows unauthenticated attackers to execute arbitrary code on target systems with the MSMQ service enabled	9.8
Windows Kernel Privilege Escalation Vulnerabilities (CVE-2024-30084, CVE-2024-35250)	Allow authenticated local users to escalate permissions to SYSTEM level	N/A
Microsoft Streaming Services Vulnerability (CVE-2024-30089)	Enables local attackers to gain SYSTEM privileges	N/A

To protect your systems:

1. Enable automatic updates: Go to Settings > Update & Security > Check for Updates.
2. Verify update success: Check “View update history” after installation.
3. Monitor network security: Update or disable critical services like MSMQ if not in use.
4. Backup data: Maintain up-to-date backups before applying new patches.

For comprehensive information, consult Microsoft’s Update Guide (link). Stay vigilant and apply these updates promptly to safeguard your systems and data from potential intrusions.

For clarity, let’s review the full breakdown of exactly how to perform a Windows update to patch the CVE-2024-30078 Wi-Fi driver vulnerability and make sure you are fully protected.

Step 1: Access Windows Update Settings

1. Open the Start Menu and click on the Settings icon.
2. Go to Update & Security.
3. Click on the Windows Update tab.

Step 2: Check for Updates

1. Click on “Check for updates”.
2. Windows will search for available updates.

Step 3: Install the Updates

1. Click “Download and install”.
2. Wait for the download and installation to complete.
3. Restart your computer if prompted.

Step 4: Verify Installation

1. Return to Windows Update settings.
2. Click on “View update history” to confirm successful installation.

Step 5: Resolve Known Installation Issues

• Check for error codes if the update fails.
• Verify your internet connection.
• Restart your device and try again.
• Run the Windows Update Troubleshooter.
• Temporarily disable third-party antivirus software if it’s interfering.
• Use the Microsoft Update Catalog for manual downloads if necessary.

Conclusion

By following these steps, you’ll secure your Wi-Fi driver and protect your system from multiple vulnerabilities patched in Microsoft’s latest update.

Sources

1. Microsoft Security Response Center. CVE-2024-30078: Windows Wi-Fi Driver Vulnerability. Microsoft Security Response Center Blog. 2024.
2. National Institute of Standards and Technology. NVD – CVE-2024-30078. National Vulnerability Database. 2024.
3. Microsoft. Security Update Guide – June 2024. Microsoft Security Response Center. 2024.