Summary
June 2024 Patch Tuesday led with CVE-2024-30078, a Windows Wi-Fi driver remote code execution flaw an unauthenticated attacker can trigger over the air from close range. The hosts compare it to war-driving for shells instead of open networks and dig into two Windows kernel privilege-escalation bugs (CVE-2024-30068 for system-level access and CVE-2024-30064 inside the running process) tied to app containers, where escapes are common enough that isolation cannot be trusted by default. They count 11 phishing-adjacent CVEs, including CVE-2024-30072, an RCE that fires when someone opens a malicious Microsoft Event Trace Log file. That makes for a clean lure against IT support. They close on the security fallout of Microsoft Recall and the record 5,000 CVEs published in a single month.
)
)
)
)
)