Need help understanding 1 CVE | Microsoft Community [Unofficial] | Page 1

spice trench Jun 21, 2024, 11:50 PM

#

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30078

Security Update Guide - Microsoft Security Response Center

olive oxide Jun 21, 2024, 11:52 PM

#

do you have any specific questions about it?

spice trench Jun 21, 2024, 11:53 PM

#

yes can you please explain it in simple english, what does it mean?

#

"to be within proximity of the target system"

#

what exactly this proximity means

olive oxide Jun 21, 2024, 11:58 PM

#

within a set distance of the target
so the attack is carried out over wifi, in most circumstances both the attacker and target will need to be within wifi-range of an access point to a given network

best off thinking of it has your home network, if you have your windows desktop in an office connected to your wifi and an attacker is outside of your house, able to connect to your wifi then they are within proximity to carry out an attack

#

if they go down your street, they won't be in range of your wifi, won't be able to connect to it and therefore won't be able to exploit this vulnerability

#

the main concern for this CVE is devices on public networks - so hotels, cafes etc

spice trench Jun 22, 2024, 12:00 AM

#

I have lan cables connected to router, are those machines vulnerable too ?

olive oxide Jun 22, 2024, 12:02 AM

#

I believe the CVE specifically impacts a WI-FI driver so if your devices are all running over Ethernet you should be fine, that being said the update patching the issue was released so simply updating would be good enough

spice trench Jun 22, 2024, 12:02 AM

#

ok thanks BSODHappy

#Need help understanding 1 CVE