There are always risks when connecting to unknown public WiFi networks. Scammers will sometimes create ‘fake’ hotspots that capture and steal sensitive data from their unsuspecting victims. However, these scams only work when the hackers have complete control of the WiFi network.
Microsoft discovers a new variation
Microsoft recently identified a new vulnerability that could be exploited to compromise machines on any public WiFi network. The vulnerability (CVE-2024-30078) allows hackers to send a malicious packet to devices on the same Wi-Fi networks in locations such as airports, coffee shops, hotels, or workplaces.
Once the magic packet has been received by an unprotected computer, the hacker can remotely execute commands and access the system. Worse still, the whole process is invisible – there are no prompts or alerts that show something is wrong.
Fortunately, Microsoft has developed a fix. The patch for CVE-2024-30078 was included in the monthly update for June. Although Microsoft classifies this vulnerability as “Important” (the second highest rating), it still presents a significant risk to anyone who uses public WiFi networks.
Patch today
Like any security patch, we strongly recommending installing the upgrade as soon as possible – even if you have no plans to use a public WiFi network. Why? Because if they can get connected, hackers can use the magic packet technique on your own home network too.
Microsoft release new software updates every month to address vulnerabilities. By installing patches as soon as they are released, you greatly reduce the risk of becoming a victim of cybercrime.
Additional protection
The only problem with security updates is that there tends to be a lag between vulnerability discovery and the patch being released. And it is during that gap when cybercriminals are most likely to strike.
The good news is that you can close that gap with a robust antimalware tool like Panda Dome. Panda Dome monitors your devices for suspicious activity, blocking anything that may indicate a hacking attempt. In this way, you can protect yourself against magic packet attacks – even those which have not yet been identified.
Get yourself protected today. Make sure you apply the June Microsoft update then download a free trial of Panda Dome to ensure you’re protected against the next unidentified vulnerability!