this post was submitted on 15 Jun 2024
11 points (82.4% liked)

Windows

410 readers
13 users here now

For all things Windows.

founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Spiralvortexisalie@lemmy.world 3 points 5 months ago

As someone else said there seems to be no public details. “Improper Input Validation” is about all the info given MSFT Source. It has also been reported a packet has to be sent, suggesting either being on same network or some kind of handshake issue (Source 1 Source 2). It is also said to evade conventional methods (like firewalls and canaries) so I have doubt you actually do need to be on the same network first. So If I had to guess there is some kind of issue with nearby share or wifi direct, since it affects sever versions also I can only assume something in the wifi direct implementation. Since input validation is mentioned and wifi direct can use pins, I would imagine there is some way to craft a special wifi direct packet that holds codes and windows just runs it and/or passes validation. I am just shooting in the dark but I don't see mitigation short of disabling wi-fi or updating.