Have you seen this in the news today?

  • You might want to look into this issue:

    Windows flaw lets hackers sneak into your PC over Wi-Fi | Fox News

    I don't know how serious this might be, but maybe it should be checked out.

    Rick
    Disaster Recovery = Backup ( Backup ( Your Backup ) )

  • I would start by not following the news from Fox, but that's just a personal bias against Fox News. I would check tech news sites like The Register (for example) or, better yet, check the official CVE - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30078

    If you read that, you can see that it has a high rating which means it should be taken seriously, but it also says there are no known exploits and no evidence of it being exploited in the wild.

    One reason why it may not be that serious is based on what is required to exploit this. The attacker must be within Wi-Fi range of your computer (laptop/desktop). So, at your house, that's a neighbor or someone parked outside your house. Wi-Fi range for my machines is not great (I have 2 repeaters in my house so I can get full coverage), so I am not too concerned about it. Bigger concern MAY be public spaces like coffee shops or hotels, but even then, the attacker would need to be close enough to your machine to gain access.

    Now, with the above being said, RCEs are something that shouldn't be taken lightly. Someone gets access to your machine, they can own it. Put a rootkit in, a trojan, keylogger, ransomware, crypto mining, whatever they want.

    One more reason though why I would say it is not a big deal is Servers (the big targets for hackers) shouldn't really have Wi-Fi on them, so the risk for those boxes is low. Desktop/Laptop computers should be running Windows 10 or 11 if they are running Windows as anything older is just silly to run as it is out of support for a while now. If you are on 10 or 11, there is a patch available and if automatic updates are on and coming from Microsoft, you are likely already patched. If your updates are manual or handled by your IT department, they probably have this patch queued up to be deployed due to the high CVE rating.

    Overall, the CVE rating is high, the risk due to exploit is high, but the risk of exploit is low in my opinion.

    The above is all just my opinion on what you should do.
    As with all advice you find on a random internet forum - you shouldn't blindly follow it. Always test on a test server to see if there are negative side effects before making changes to live!
    I recommend you NEVER run "random code" you found online on any system you care about UNLESS you understand and can verify the code OR you don't care if the code trashes your system.
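
Added example, not part of any poster's reply: a read-only PowerShell check for the two conditions the reply above leans on, whether the machine has a Wi-Fi adapter at all and how recently it was patched. The function name and output fields are assumptions of this example; compare the reported update with the one listed for your Windows build on the MSRC page linked above.

```powershell
# Added example: summarise Wi-Fi exposure and patch recency for this machine.
# Read-only; Get-WifiExposureSummary and its output fields are hypothetical
# names chosen for this example.

function Get-WifiExposureSummary {
    [CmdletBinding()]
    param()

    # Physical adapters whose media type is native 802.11 (Wi-Fi).
    $wifi = @(Get-NetAdapter -Physical -ErrorAction SilentlyContinue |
        Where-Object { $_.PhysicalMediaType -match '802\.11' })

    # WLAN AutoConfig service. On Windows Server it is normally absent
    # unless the Wireless LAN Service feature has been installed.
    $wlanSvc = Get-Service -Name 'WlanSvc' -ErrorAction SilentlyContinue

    # Most recent update that Get-HotFix reports. Get-HotFix does not list
    # every kind of update, so treat this as a hint, not proof of patching.
    $lastFix = Get-HotFix -ErrorAction SilentlyContinue |
        Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 1

    $os = Get-CimInstance -ClassName Win32_OperatingSystem

    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        OS                = $os.Caption
        IsServer          = ($os.ProductType -ne 1)   # 1 = workstation
        WifiAdapters      = ($wifi | ForEach-Object { "$($_.Name) [$($_.Status)]" }) -join '; '
        WifiAdapterUp     = [bool]($wifi | Where-Object { $_.Status -eq 'Up' })
        WlanServiceStatus = if ($wlanSvc) { "$($wlanSvc.Status)" } else { 'NotInstalled' }
        LastHotFixId      = $lastFix.HotFixID
        LastHotFixDate    = $lastFix.InstalledOn
    }
}

Get-WifiExposureSummary | Format-List
```

A server that reports no Wi-Fi adapters and `NotInstalled` for the WLAN service matches the "servers shouldn't have Wi-Fi" case; a laptop with an adapter that is `Up` and an old `LastHotFixDate` is the one to patch first.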

  • There is some original basis of truth in rumor and old wives' tales. While you place no faith in Fox, it did make people at least look.

    While your opinion is that the risk of exploitation is low, the CVE says the rating is high. It's nice to have a fix before a problem occurs for once. Install the fix. If you're not already doing security patches/fixes on a regular basis, you need to change your ways.

    --Jeff Moden

  • Jeff Moden wrote:

    If you're not already doing security patches/fixes on a regular basis, you need to change your ways.

    TRUTH!

  • "I would start by not following the news from Fox, but that's just a personal bias against Fox News."

    Yeah, I'd say that is a bit of bias.  I keep reading that they are the most watched and followed news source, have been for a long time.  But to each their own.

    Rick

  • Most watched does not equate to accurate.  They did have to pay out nearly $800 million due to false claims.

  • Just to reply to both Jeff Moden and Seketon567 - I do agree that Fox was ONE of the places reporting on it, but I heard about it elsewhere. A lot of places report on the CVEs, and for the systems I am responsible for, I am signed up to services that let me know about CVEs as they are created for the tools I administer so I can address them as I see fit. Our IT department also has vulnerability scanning tools running on all machines and sends me a notice when they see something on a system I manage that needs addressing. By the time the news (Fox, CNN, MSNBC, The Register, Twitter, etc.) reports it, I should already be notified through the tools or my IT department.

    SOMETIMES the media over-hypes a CVE as sounding worse than it is. SOMETIMES they under-represent the CVE severity. If I hear about a CVE, I investigate at the source to determine the impact to my systems. A HIGH level CVE on a system I have hidden behind a corporate VPN is not AS high as one that is on a system exposed to the internet, for example.