Recent news by Forbes reveals a risk of a “wi-fi takeover attack,” which says that if you have a Windows computer (any version) and are using public Wi-Fi, your system can be hacked and infected with malware without any passwords or logins. According to the article,
“Microsoft has confirmed that with no special access conditions or extenuating circumstances needed, apart from the proximity requirement, an attacker could “expect repeatable success against the vulnerable component.” Microsoft also warns that an attacker requires no authentication as a user before exploiting this vulnerability, nor any access to settings or files on the victim’s machine before carrying out the attack. Furthermore, the user of the targeted device does not need to interact at all: there is no link to click, no image to load, and no file to execute.”
Forbes
So, the person with bad intentions just has to be nearby and on the same Wi-Fi network. Consider locations such as hotels, conventions, the airport, or your favorite coffee shop. They don’t need your password or access to any of your files or settings on your PC to exploit this risk. They can remotely run commands and gain access to your system. Your home Wi-Fi network can also be exploited if it doesn’t have a secure password.
Microsoft says the risk is low, but now that this is public, we can bet that someone will attempt to exploit this vulnerability in the system. What can you do? There is a Windows update, and if you are set up for automatic updates, it is part of the June 2024 Security Updates (automatically updated on June 11). If you have turned off updates or it is pending, which often happens with laptops, you might want to be sure this patch is applied to your system. With Windows 11, go to your system updates by typing “updates” into your Windows search bar.
This will take you to a screen showing if your system is updated. If your system has updates pending, take the time to update it.
If you have Windows 10, you can update your system by clicking the Start button and then going to Settings > Update & Security > Windows Update.
Unfortunately, older systems are no longer being patched. Windows XP, Windows Vista, Windows 7, Windows 8, and Windows 8.1 are no longer supported by Microsoft and so no longer receive security patches. If you have a machine with these operating systems, you can make sure you have security on your home Wi-Fi and never access public Wi-Fi for the best protection.
- Windows 8.1 support ended on January 10, 2023
- Windows 8 support ended on January 12, 2016
- Windows 7 support ended on January 14, 2020
- Windows Vista support ended on April 11, 2017
- Windows XP support ended on April 8, 2014