Microsoft has released a critical security update for users of all supported Windows versions as a new Wi-Fi compromise requiring no authentication has been confirmed.
The full details of how it works will probably not be public yet in order to protect people who haven’t had a chance to patch yet
It’s a zero user input, remote code execution exploit that doesn’t require direct physical access—that pretty much means anyone with WiFi is at risk until they patch
The exploit was discovered by a security research firm who did the right thing and reported it to the SW creator, giving them the opportunity to distribute a patch.
Since it hasn’t yet been reported as being exploited “in the wild” publishing details on how to perform the exploit would be at best negligent, and worst carelessly malicious.
The full details of how it works will probably not be public yet in order to protect people who haven’t had a chance to patch yet
It’s a zero user input, remote code execution exploit that doesn’t require direct physical access—that pretty much means anyone with WiFi is at risk until they patch
Agreed.
The exploit was discovered by a security research firm who did the right thing and reported it to the SW creator, giving them the opportunity to distribute a patch.
Since it hasn’t yet been reported as being exploited “in the wild” publishing details on how to perform the exploit would be at best negligent, and worst carelessly malicious.