Update your Windows PC now to fix a serious Wi-Fi security flaw

Anonymous Bosch
Posts: 10698
Joined: Thu Oct 14, 2004 6:09 pm
Location: Northern California [originally from the UK]

Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Anonymous Bosch »

Heads up.

Last week, Microsoft released a critical security patch that addresses a dangerous Wi-Fi vulnerability affecting all versions of Windows. In plain English, it allows an attacker to send malicious networking packets to devices connected to the same Wi-Fi network. What's worse is that attackers can then remotely run commands and gain access to the devices, all without any intervention or authentication on the device owners' part. This flaw leaves Windows systems exposed to serious potential threats, so I recommend ensuring your system is patched as soon as possible. For further detail, have a butcher's at the information provided below courtesy of The Verge and The Register.

To make sure your system is patched and updated, I suggest manually checking that your system is fully up to date by simply doing the following:
  • Click Start > Settings > Update & Security > Windows Update, and then select Check for updates. If updates are available, make sure you install them.


Update your Windows PC to avoid a serious Wi-Fi vulnerability
TheVerge.com wrote: The vulnerability could let hackers gain access to your PC on public Wi-Fi networks.

If you’ve been putting off your next Windows update, now’s the time to install it. Last week, Microsoft patched a pretty nasty vulnerability in Windows 11 and 10 that could put your PC at risk when connected to a public Wi-Fi network, as spotted earlier by The Register.

The vulnerability (CVE-2024-30078) could let hackers deploy a malicious packet to devices connected to the same Wi-Fi networks in places like airports, coffee shops, hotels, or even workplaces. From there, hackers can remotely run commands and gain access to a system — all without any user interaction or authentication. Microsoft rolled out the patch as part of its monthly security update on June 11th.

Microsoft has labeled the vulnerability as “important,” which is the company’s second-highest severity rating for security vulnerabilities. Even if you don’t plan on taking your laptop to the coffee shop with you anytime soon, you shouldn’t delay this patch.

Let's kick off our summer with a pwn-me-by-Wi-Fi bug in Microsoft Windows
TheRegister.com wrote:

There's also the scary-looking CVE-2024-30078, a Wi-Fi driver remote code execution hole rated 8.8 in severity. It's not publicly disclosed, not yet under attack, and exploitation is "less likely," according to Redmond.

"An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution," and thus remotely, silently, and wirelessly run malware or spyware on that nearby victim's computer, Microsoft admitted.

Childs said: "Considering it hits every supported version of Windows, it will likely draw a lot of attention from attackers and red teams alike." Patch as soon as you can: This flaw can be abused to run malicious software on and hijack a nearby Windows PC via their Wi-Fi with no authentication needed. Pretty bad.

On top of this, there are the usual load of elevation of privilege and other code execution holes in Microsoft's code to close with this month's patches.
"There is only one basic human right, the right to do as you damn well please. And with it comes the only basic human duty, the duty to take the consequences." — P. J. O'Rourke
Daehawk
Posts: 65690
Joined: Sat Jan 01, 2005 1:11 am

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Daehawk »

I've tried off and on all day and can't make it update. I always get an error. It searches for updates. Finds some and starts installs but stays at 0% then errors in about a minute. I give up.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
When in doubt, skewer it out...I don't know.
Anonymous Bosch
Posts: 10698
Joined: Thu Oct 14, 2004 6:09 pm
Location: Northern California [originally from the UK]

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Anonymous Bosch »

Daehawk wrote: Mon Jun 24, 2024 10:27 pm I've tried off and on all day and can't make it update. I always get an error. It searches for updates. Finds some and starts installs but stays at 0% then errors in about a minute. I give up.
Are you seeing the 0x80070643 Error Install Failure with this message?

"There were some problems installing updates, but we'll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070643)."

If so, this is caused by a lack of disk space on your Windows Recovery Environment partition. The only workaround is to resize your recovery partition, increasing it by at least an additional 250MB. Think of this as another unhelpful inducement from Microsoft, letting you know that they'd really much prefer you to be running a more recent version of Windows 11 instead.

However, here are the relevant step-by-step instructions from Microsoft that explain how to manually resize your recovery partition, and walk you through precisely how to make the necessary changes to resolve this problem. Do not bury your head in the sand and procrastinate on fixing it, or you risk missing out on crucial Windows security updates such as this going forward.

KB5028997: Instructions to manually resize your partition to install the WinRE update
support.microsoft.com wrote: Summary

Microsoft has changed how it updates PCs that run the Windows Recovery Environment (WinRE). WinRE will be updated using the monthly cumulative update. This change only applies to PCs that get updates from Windows Update (WU) and Windows Server Update Services (WSUS). This change starts on June 27, 2023, for the Windows 11, version 22H2 cumulative update.

Some PCs might not have a recovery partition that is large enough to complete this update. Because of this, the update for WinRE might fail. You will receive the error message, "Windows Recovery Environment servicing failed." To help you recover from this failure, this article provides instructions to manually resize your recovery partition if you get a system ErrorPhase of 2. This requires your device to have the recovery partition after the OS partition. Use the steps below to verify this.

Manually resize your partition by 250 MB
  1. Open a Command Prompt window (cmd) as admin.
  2. To check the WinRE status, run reagentc /info. If the WinRE is installed, there should be a “Windows RE location” with a path to the WinRE directory. An example is, “Windows RE location: \\?\GLOBALROOT\device\harddisk0\partition4\Recovery\WindowsRE.” Here, the number after “harddisk” and “partition” is the index of the disk and partition WinRE is on.
  3. To disable the WinRE, run reagentc /disable
  4. Shrink the OS partition and prepare the disk for a new recovery partition.
    1. To shrink the OS, run diskpart
    2. Run list disk
    3. To select the OS disk, run sel disk <OS disk index> This should be the same disk index as WinRE.
    4. To check the partition under the OS disk and find the OS partition, run list part
    5. To select the OS partition, run sel part <OS partition index>
    6. Run shrink desired=250 minimum=250
    7. To select the WinRE partition, run sel part <WinRE partition index>
    8. To delete the WinRE partition, run delete partition override
  5. Create a new recovery partition.
    1. First, check if the disk partition style is a GUID Partition Table (GPT) or a Master Boot Record (MBR). To do that, run list disk. Check if there is an asterisk character (*) in the “Gpt” column. If there is an asterisk character (*), then the drive is GPT. Otherwise, the drive is MBR.

      i. If your disk is GPT, run create partition primary id=de94bba4-06d1-4d40-a16a-bfd50179d6ac followed by the command gpt attributes =0x8000000000000001

      ii. If your disk is MBR, run create partition primary id=27
    2. To format the partition, run format quick fs=ntfs label="Windows RE tools"
    3. If your disk is MBR, run set id=27
  6. To confirm that the WinRE partition is created, run list vol
  7. To exit from diskpart, run exit
  8. To re-enable WinRE, run reagentc /enable
  9. To confirm where WinRE is installed, run reagentc /info
Note If creation failed or you do not want to extend the WinRE partition, run reagentc /enable to re-enable WinRE.
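Added example, not part of the original posts or of Microsoft's article: a read-only PowerShell pre-flight check for the KB5028997 steps quoted above. It reports the partition style, where WinRE sits relative to the OS partition, and whether the OS partition can give up 250 MB. The function names are made up for this example, and it assumes an elevated session with the built-in Storage cmdlets available.

```powershell
#Requires -RunAsAdministrator
# Read-only check before following KB5028997. Nothing here modifies the disk.

function Get-WinRELocation {
    # Extract the disk and partition index from "harddiskN\partitionM" in the
    # reagentc /info output. Returns $null when no location is reported,
    # which is what reagentc shows while WinRE is disabled.
    param([string[]]$ReagentcOutput)
    foreach ($line in $ReagentcOutput) {
        if ($line -match 'harddisk(\d+)\\partition(\d+)') {
            return [pscustomobject]@{
                DiskNumber      = [int]$Matches[1]
                PartitionNumber = [int]$Matches[2]
            }
        }
    }
    return $null
}

function Test-WinREResizePreconditions {
    param([int]$RequiredMB = 250)   # the KB shrinks the OS partition by 250 MB

    $loc = Get-WinRELocation -ReagentcOutput (reagentc /info)
    if (-not $loc) {
        Write-Warning 'No WinRE location reported. Run "reagentc /enable", then check again.'
        return
    }

    $letter = $env:SystemDrive.Substring(0, 1)
    $os     = Get-Partition -DriveLetter $letter
    $re     = Get-Partition -DiskNumber $loc.DiskNumber -PartitionNumber $loc.PartitionNumber
    $disk   = Get-Disk -Number $os.DiskNumber
    $vol    = $re | Get-Volume -ErrorAction SilentlyContinue
    $limit  = Get-PartitionSupportedSize -DiskNumber $os.DiskNumber -PartitionNumber $os.PartitionNumber

    # The partition that physically follows the OS partition on the same disk.
    $next = Get-Partition -DiskNumber $os.DiskNumber |
        Where-Object { $_.Offset -gt $os.Offset } |
        Sort-Object Offset | Select-Object -First 1

    $sameDisk    = ($re.DiskNumber -eq $os.DiskNumber)
    $followsOs   = $sameDisk -and ($null -ne $next) -and ($next.PartitionNumber -eq $re.PartitionNumber)
    $shrinkMB    = [math]::Floor(($os.Size - $limit.SizeMin) / 1MB)

    [pscustomobject]@{
        PartitionStyle     = $disk.PartitionStyle    # GPT or MBR decides the "create partition" step
        OsPartition        = "disk $($os.DiskNumber), partition $($os.PartitionNumber)"
        WinREPartition     = "disk $($re.DiskNumber), partition $($re.PartitionNumber)"
        WinRESizeMB        = [math]::Round($re.Size / 1MB)
        WinREFreeMB        = if ($vol) { [math]::Round($vol.SizeRemaining / 1MB) }
        WinREOnOsPartition = $sameDisk -and ($re.PartitionNumber -eq $os.PartitionNumber)
        WinREFollowsOs     = $followsOs              # the KB requires recovery after the OS partition
        OsCanShrinkByMB    = $shrinkMB
        KbStepsApplicable  = $followsOs -and ($shrinkMB -ge $RequiredMB)
    }
}

Test-WinREResizePreconditions | Format-List
```

If WinREFollowsOs is False, the space freed by shrinking the OS partition will not sit next to the recovery partition, and the steps as written do not apply.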
Daehawk
Posts: 65690
Joined: Sat Jan 01, 2005 1:11 am

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Daehawk »

That's the error.

ok I've followed those directions to the part that says To check the partition under the OS disk and find the OS partition, run list part. It says there is no part and I can't do more

I have 4 disks listed
Disk 0 Online 465 GB 1024 KB
Disk 1 Online 232 GB 23 GB
Disk 2 Online 931 GB 0 B
Disk 3 Online 465 GB 0 B
Anonymous Bosch
Posts: 10698
Joined: Thu Oct 14, 2004 6:09 pm
Location: Northern California [originally from the UK]

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Anonymous Bosch »

Daehawk wrote: Tue Jun 25, 2024 1:09 am That's the error.

ok I've followed those directions to the part that says To check the partition under the OS disk and find the OS partition, run list part. It says there is no part and I can't do more

I have 4 disks listed
Disk 0 Online 465 GB 1024 KB
Disk 1 Online 232 GB 23 GB
Disk 2 Online 931 GB 0 B
Disk 3 Online 465 GB 0 B
Ok, out of an abundance of caution, I'm going to suggest an alternative method to make absolutely certain that you select the correct disk number and partition:
  • Press Windows key + X to open the Quick Link menu.
  • From the Quick Link menu, click on Disk Management.
  • Look for the partition that contains your Windows OS, i.e. the (C:) drive. You should see the recovery partition displayed to the right of your (C:) partition.
  • Click on that recovery partition.
  • Now, the top section of the Disk Management window will highlight the particular disk number and partition number of your current recovery partition, as shown in the Volume column.
  • Make note of this info, along with the current capacity of your (C:) partition and also your recovery partition.
Here's a sample image that helps illustrate what you're looking for:

Image

Respond here with that info, and I'll walk you through how to proceed.
Daehawk
Posts: 65690
Joined: Sat Jan 01, 2005 1:11 am

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Daehawk »

Ok found it.....I had turned it off while following those first steps above in the first post. No wonder it wasn't showing.

here's a pic

Image
Anonymous Bosch
Posts: 10698
Joined: Thu Oct 14, 2004 6:09 pm
Location: Northern California [originally from the UK]

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Anonymous Bosch »

Firstly, in looking at your screenshot, it seems you have 23.29 GB of unallocated disk space on your OS drive. So, you may as well reassign that unallocated disk space to (C:) prior to resizing your recovery partition. You can do this using the Disk Management tool by following the steps below:
  1. Press the Windows key + X on your keyboard to open the Quick Link menu, and select "Disk Management" to launch the Disk Management tool.
  2. In the Disk Management window, right-click on the (C:) partition on Disk 1, and select "Extend Volume".
  3. The Extend Volume Wizard will appear. Click "Next" to continue.
  4. The wizard will show the available unallocated space on Disk 1 (23.29 GB). Ensure that the maximum available space is selected and click "Next".
  5. Review the settings and click "Finish" to complete the process.
  6. After the process is complete, you should see the new increased size of your (C:) partition shown in the Disk Management tool, without any unallocated disk space.
After following these steps, you're ready to resize your recovery partition. Let me know once you've done that, and I'll explain how to proceed.
Daehawk
Posts: 65690
Joined: Sat Jan 01, 2005 1:11 am

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Daehawk »

Done..it's showing 232 now with 90 free
Anonymous Bosch
Posts: 10698
Joined: Thu Oct 14, 2004 6:09 pm
Location: Northern California [originally from the UK]

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Anonymous Bosch »

Daehawk wrote: Tue Jun 25, 2024 9:42 am Done..it's showing 232 now with 90 free
OK, so I'm going to reiterate the instructions from Microsoft, but with additional comments suitable for your system config:
support.microsoft.com wrote: Manually resize your partition by 250 MB
  1. Open a Command Prompt window (cmd) as admin.
  2. To check the WinRE status, run reagentc /info. If the WinRE is installed, there should be a “Windows RE location” with a path to the WinRE directory. An example is, “Windows RE location: \\?\GLOBALROOT\device\harddisk0\partition4\Recovery\WindowsRE.” Here, the number after “harddisk” and “partition” is the index of the disk and partition WinRE is on.
  3. To disable the WinRE, run reagentc /disable
  4. Shrink the OS partition and prepare the disk for a new recovery partition.
    1. To shrink the OS, run diskpart
    2. Run list disk
    3. To select the OS disk, run sel disk 1 This should be the same disk index as WinRE.
    4. To check the partition under the OS disk and find the OS partition, run list part and look for the Partition # of your 232 GB partition. This will be your (C:) drive (which I believe should be Partition 1, though if not, use the relevant Partition # in the following step).
    5. To select the OS partition, run sel part <OS partition index>
    6. Run shrink desired=250 minimum=250
    7. To select the WinRE partition, run sel part <WinRE partition index> (based upon your screenshot above, this should be Partition 2)
    8. To delete the WinRE partition, run delete partition override
  5. Create a new recovery partition.
    1. First, check if the disk partition style is a GUID Partition Table (GPT) or a Master Boot Record (MBR). To do that, run list disk. Check if there is an asterisk character (*) in the “Gpt” column. If there is an asterisk character (*), then the drive is GPT. Otherwise, the drive is MBR.

      i. If your disk is GPT, run create partition primary id=de94bba4-06d1-4d40-a16a-bfd50179d6ac followed by the command gpt attributes =0x8000000000000001

      ii. If your disk is MBR, run create partition primary id=27
    2. To format the partition, run format quick fs=ntfs label="WinRE"
    3. If your disk is MBR, run set id=27
  6. To confirm that the WinRE partition is created, run list vol
  7. To exit from diskpart, run exit
  8. To re-enable WinRE, run reagentc /enable
  9. To confirm where WinRE is installed, run reagentc /info
Note If creation failed or you do not want to extend the WinRE partition, run reagentc /enable to re-enable WinRE.
Blackhawk
Posts: 46010
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Blackhawk »

I'm trying to figure out if this is one of the many updates I've installed (I update regularly), but neither of those articles give the ID number of the update itself, and everything I'm finding only links to the highly technical MS page intended for IT use. Any hints as to how this is identified to the end user?
What doesn't kill me makes me stranger.
Rumpy
Posts: 13041
Joined: Sun Mar 27, 2005 6:52 pm
Location: Sudbury, Ontario, Canada

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Rumpy »

For me, it was part of a cumulative update (I think), so that may be partly why the update itself isn't identified. Although yes, it's annoying and I found it frustrating myself trying to figure out the particular update.
PC:
Ryzen 5 3600
32GB RAM
2x1TB NVMe Drives
GTX 1660 Ti
Anonymous Bosch
Posts: 10698
Joined: Thu Oct 14, 2004 6:09 pm
Location: Northern California [originally from the UK]

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Anonymous Bosch »

Blackhawk wrote: Tue Jun 25, 2024 5:12 pm I'm trying to figure out if this is one of the many updates I've installed (I update regularly), but neither of those articles give the ID number of the update itself, and everything I'm finding only links to the highly technical MS page intended for IT use. Any hints as to how this is identified to the end user?
To find the security update for the CVE-2024-30078 vulnerability pertinent to your OS, just follow these steps:
  1. Click the link for CVE-2024-30078. This will take you to the details page for this vulnerability.
  2. Scroll down to the "Security Updates" section. Here, you will find all the relevant update IDs, support articles, and information for the various versions of Windows that are currently supported.
To determine which version of Windows you are running:
  1. Press the Windows key + R to open the Run dialog.
  2. Type "winver" and press Enter.
  3. The information displayed will show you the specific version of Windows you are using.
With this information, you should then be able to locate the relevant security update ID and support article for your particular version of Windows in the "Security Updates" section of the CVE-2024-30078 details page.

Rumpy's correct though, the necessary patch is included with the June 11, 2024 Cumulative Update for Windows, e.g. on my Windows 10 systems, the relevant update ID was KB5039211
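Added example, not part of the original posts: a PowerShell check for the update ID discussed above, which also prints the OS build so it can be compared against the "Security Updates" section of the CVE-2024-30078 page. The function name is made up for this example; KB5039211 and the June 11, 2024 date are the values quoted in the post, so pass the ID listed for your own Windows version.

```powershell
function Get-UpdateStatus {
    param(
        [string]$KbId = 'KB5039211',            # Windows 10 ID quoted in the post above
        [datetime]$ReleaseDate = '2024-06-11'   # cumulative update date quoted in the post
    )

    # Version and build as shown by winver: <CurrentBuild>.<UBR>
    $cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $build = '{0}.{1}' -f $cv.CurrentBuild, $cv.UBR

    $all   = @(Get-HotFix)
    $match = $all | Where-Object { $_.HotFixID -eq $KbId } | Select-Object -First 1

    # A later cumulative update replaces the June one, so the ID itself can be
    # absent on a patched machine. List everything installed since the release
    # date so the reader can see that case.
    $later = @($all |
        Where-Object { $_.InstalledOn -and $_.InstalledOn -ge $ReleaseDate } |
        Sort-Object InstalledOn)

    $status = if ($match) {
        'Listed as installed'
    } elseif ($later.Count -gt 0) {
        'ID not listed, newer updates present: compare OsBuild with the advisory'
    } else {
        'Nothing installed on or after the release date: run Windows Update'
    }

    [pscustomobject]@{
        WindowsVersion      = $cv.DisplayVersion   # empty on older Windows 10 releases
        OsBuild             = $build
        KbId                = $KbId
        KbInstalledOn       = if ($match) { $match.InstalledOn }
        UpdatesSinceRelease = ($later | ForEach-Object { $_.HotFixID }) -join ', '
        Status              = $status
    }
}

Get-UpdateStatus | Format-List
```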
Blackhawk
Posts: 46010
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Blackhawk »

This is why people don't keep their PCs up to date.
Kraken
Posts: 45054
Joined: Tue Oct 12, 2004 11:59 pm
Location: The Hub of the Universe

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Kraken »

This is why we let them update themselves.

A few months ago I realized that my laptop hadn't updated itself in ever-so-long. Googling the error message brought up several different arcane procedures and one of them got it working again. Now if my PC wants me to reboot and my laptop doesn't, or vice versa, I notice.
Carpet_pissr
Posts: 20793
Joined: Thu Nov 04, 2004 5:32 pm
Location: Columbia, SC

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Carpet_pissr »

How does Apple handle these kind of critical patches on macOS? MS should probably just copy whatever they do. :P
Blackhawk
Posts: 46010
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Blackhawk »

Whatever it is, it probably doesn't involve the kind of IT-level workarounds described above. Luckily, this update installed just fine (I have one from last January that errors out every time I try to update - it's likely that same solution, but that is an absurd process for Microsoft to expect people to go through).

Of course, Windows 11 probably doesn't have any issues. :roll:

In 16 months it won't be an issue anymore - my PCs will be permanently out of date starting October of 2025. There isn't much that can be done about that - and the first person to say 'Linux' gets smacked.
Isgrimnur
Posts: 84864
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Isgrimnur »

TPM modules are available and relatively cheap.
It's almost as if people are the problem.
Blackhawk
Posts: 46010
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Blackhawk »

From what I've read, all of mine are still too old.
Rumpy
Posts: 13041
Joined: Sun Mar 27, 2005 6:52 pm
Location: Sudbury, Ontario, Canada

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Rumpy »

Anonymous Bosch wrote: Tue Jun 25, 2024 6:13 pm
Rumpy's correct though, the necessary patch is included with the June 11, 2024 Cumulative Update for Windows, e.g. on my Windows 10 systems, the relevant update ID was KB5039211
See, it would have been useful if the articles mentioned the cumulative update and the ID of the update itself, but none of them did. They just mentioned there was an important update and not much else, which IMHO is just as bad as not mentioning an important update at all and let people risk it. It's best to not let the uninitiated wonder when it comes to something critical. Now that you mention the specifics, I see it's been installed on June 11th.
Daehawk
Posts: 65690
Joined: Sat Jan 01, 2005 1:11 am

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Daehawk »

Sry I've not been back in here..been forgetting. I'll do this today....I thank you for sharing your time and knowledge with me.

EDIT: Ok gonna do it now. Also I hear one of the recent updates was just another win 11 nag.
Biyobi
Posts: 5441
Joined: Wed Oct 13, 2004 12:21 pm
Location: San Gabriel, CA

Re: Update your Windows PC now to fix a serious Wi-Fi security flaw

Post by Biyobi »

Finally took the time to fix this because I was tired of seeing the error in Windows Update. I had a huge issue in that the recovery partition is located at the start of the disk, which meant that even after shrinking my C: partition, the recovery partition couldn't be expanded because the free space was at the end of the disk. It took the MiniTool Partition Wizard to slide everything over, the Boot Management Tool in the BIOS (to fix the boot issue caused by the MiniTool) as well as all the CMD window shenanigans to get everything working correctly. Finally completed the update successfully.
:horse:
Anonymous Bosch wrote: Tue Jun 25, 2024 9:05 am Firstly, in looking at your screenshot, it seems you have 23.29 GB of unallocated disk space on your OS drive.
If this was on an SSD, it was probably overprovisioning being enabled (~10% of the hard disk size.) When I started trying to fix the WinUpdate error, it saw the 10% overprovisioning I had allocated as free space and wanted to create a 190gb recovery partition. :shock:
Black Lives Matter