Skip to main content

Your PC’s security is being attacked on two new fronts

Your PC is facing a double whammy of cyber threats, both of them built into basic Windows features — one that exploits Windows search and another a Wi-Fi vulnerability.

The first vulnerability allows hackers to exploit search in what researchers have called a “clever” way, as reported by Trustwave. It begins when users are tricked into downloading malware, starting with phishing emails with malicious .ZIP attachments containing HTML files disguised as invoices or something along those lines.

When you open the HTML file, it opens your browser and engages with Windows Explorer’s search feature. Windows Explorer starts looking for anything called “INVOICE,” and then the search is relabeled to “Downloads,” which tricks the user into thinking they are viewing what they “downloaded.” A batch script is involved in this attack that, when activated, wakes up more malicious operations. At the moment, the type of malware the hackers were trying to distribute is now known.

To alleviate the situation, users can try turning off search-ms/search URI protocol handlers by erasing the related registry entries. To stay safe, users can be cautious in the email with the attachment they are getting; they can do things such as verify who the sender is, confirm the legitimacy, distrust attachments with a file extension you normally wouldn’t get, and if the email urges you to take immediate action, label it as a phishing scam.

The second vulnerability is a bit more dangerous. Microsoft is busy patching a security hole in the Windows Wi-Fi driver that allows hackers to run malicious code on a PC only when it is within a public Wi-Fi range. This vulnerability affects all modern versions of Windows Server and Windows. The attacker does not need prior access to your computer to do this. The weakness is characterized in CVE-202430078 and given a maximum severity of “Important.”

What’s also concerning is that the attack can bypass every authentication protocol and doesn’t need previous access rights or any user interaction. This vulnerability reminds us of the dangers of connecting to a public Wi-Fi network and the precautions that need to be taken. The flaw is called an Improper Input Validation security vulnerability, and unfortunately, it’s on all common versions of the Windows operating system.

Users can be affected if they have an unpatched version of Windows 11 or 10 or Windows Server versions from 2008 and on. Microsoft released a fix on June 11 that tackles 49 CVEs in Windows, Office, and their components. Azure Dynamic Business Central and Visual Studio are also included. These concurrent threats underscore the importance of remaining vigilant against cyberattacks and ensuring all software and security patches on your computer are up to date.

Judy Sanhz
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.
This Chrome extension lets hackers remotely seize your PC
A depiction of a hacker breaking into a system via the use of code.

Malicious extensions on Google Chrome are being used by hackers remotely in an effort to steal sensitive information.

As reported by Bleeping Computer, a new Chrome browser botnet titled 'Cloud9' is also capable of logging keystrokes, as well as distributing ads and malicious code.

Read more
This Wi-Fi security flaw could let drones track devices through walls
Professor Ali Abedi flying Wi-Peep standing against brick wall.

A research team from the University of Waterloo has attached a device to a drone that can use vulnerabilities in Wi-Fi networks to see through walls.

Imagine intruders being able to track people by the devices they have on them or find weak spots in their homes. This alarming possibility has been proven by a device called Wi-Peep, which is essentially $20 of easily-purchasable hardware, an off-the-shelf quadcopter, and the work of Dr. Ali Abedi and his team at the University of Waterloo.

Read more