Cyber Security Vulnerability | Microsoft | Neuways – Technologist

As a Managed Service Provider (MSP), we are urging businesses and consumers to take immediate action in response to a newly discovered cyber security vulnerability affecting Windows operating systems. This vulnerability, identified as CVE-2024-30078, has been assigned a severity rating of 8.8 out of 10 by the Common Vulnerability Scoring System (CVSS). Below, we talk about the vulnerability and also address many cyber security issues faced by businesses that won’t necessarily take cyber threats seriously.

How does this Cyber Threat work?

The critical nature of this vulnerability lies in its ability to be exploited remotely, although it does require physical proximity. An unauthenticated attacker can leverage this flaw to execute remote code on a compromised device without user interaction or prior access to the system’s settings or files. This is perhaps one of the most common but scary cyber threats, as businesses are limited as to how they can defend against it with Managed Cyber Security. Neuways are able to help with this from our Derby base.

Why it is important to be alert to Cyber Threats to businesses

It’s crucial to understand that this vulnerability poses a significant risk as it affects all supported versions of Windows, not just older iterations. Microsoft has underscored the gravity of the threat by confirming that an attacker with physical proximity can “expect repeatable success against the vulnerable component.” Despite Microsoft’s assertion that exploitation is “less likely” due to the proximity requirement, many security researchers are still concerned about the potential for rapid exploitation.

This vulnerability underscores the need for vigilance. It does not rely on tricking the user into clicking a link or opening a file. No action is required from the device user for the attack to succeed, making it a particularly insidious threat. What makes this threat very scary to business owners is that even if employees are vigilant against cyber threats, they won’t necessarily be aware that anything is happening. Even the utmost security awareness training would not necessarily mean that your business is safe from this type of threat.

Microsoft has addressed Security Vulnerability

Rest assured, Microsoft has responded swiftly by releasing a security update as part of the June 2024 Patch Tuesday. Neuways strongly advises all Windows users to apply this patch immediately to safeguard against potential exploits, providing a reliable solution to this critical vulnerability.

This discovery coincides with a challenging period for Microsoft, which has recently postponed the rollout of Windows Recall, a controversial AI feature in Windows 11 designed to take periodic screenshots and save them locally. The vulnerability highlights significant risks, as any data saved to disk without robust cyber security measures could be easily accessed by an attacker exploiting this flaw.

Stay alert to limit your Cyber Security Vulnerability

As an MSP dedicated to protecting your business, Neuways emphasises staying updated with the latest security patches and maintaining a proactive approach to cybersecurity. Please get in touch with us for assistance with implementing these updates or for more information on safeguarding your systems.

Be Cybersafe, Stay Updated, Stay Secure with Neuways.