Security News > 2024 > June > Let's kick off our summer with a pwn-me-by-Wi-Fi bug in Microsoft Windows

Patch Tuesday Microsoft kicked off our summer season with a relatively light June Patch Tuesday, releasing updates for 49 CVE-tagged security flaws in its products - including one bug deemed critical, a fairly terrifying one in wireless networking, and one listed as publicly disclosed.
It could allow a remote, unauthenticated attacker to execute arbitrary code by sending a specially crafted malicious MSMQ packet to a vulnerable Windows system, such as a Windows Server box.
Childs said: "Considering it hits every supported version of Windows, it will likely draw a lot of attention from attackers and red teams alike." Patch as soon as you can: This flaw can be abused to run malicious software on and hijack a nearby Windows PC via their Wi-Fi with no authentication needed.
The Adobe Commerce update addresses seven critical and three important vulnerabilities that could be exploited for arbitrary code execution, a security feature bypass and privilege escalation.
The patch for Audition fixes two important memory leak and application denial-of-service vulnerabilities, while the ColdFusion update fixes two important bugs that could lead to arbitrary file system read and allow an attacker to bypass security features.
Upgrade to SolarWinds Serv-U 15.4.2 HF 2 to plug the security hole.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/06/12/june_patch_tuesday/
Related news
- New Microsoft script updates Windows media with bootkit malware fixes (source)
- Microsoft has finally fixed Date & Time bug in Windows 11 (source)
- Microsoft shares workaround for Windows security update issues (source)
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Microsoft to remove the Location History feature in Windows (source)
- Microsoft testing fix for Windows 11 bug breaking SSH connections (source)
- Microsoft launches ad-supported Office apps for Windows users (source)
- Microsoft tests ad-supported Office apps for Windows users (source)