Microsoft has issued an out-of-band patch for a blue screen of death (BSOD)-causing glitch introduced with the release of this week’s round of Patch Tuesday security fixes.
Some users have reported their devices crashing following the latest update, according to Windows Latest. Dubbed KB4601315, this round of fixes rectified 56 security flaws in Windows 10, including a critical zero-day vulnerability affecting the win32k component, being actively exploited by hackers in China.
Microsoft acknowledged the rollout of KB4601315 caused the BSOD to appear for a handful of users, revealing that devices stopped working when users attempted to connect to a Wi-Fi network through the Wi-Fi Protected Access 3 (WPA3) protocol.
Users will encounter “stop error 0x7E in nwifi.sys” when they attempt to use a WPA3 connection, the company confirmed. The emergency update, dubbed KB5001028, has now been released and should address the issue.
WPA3 is the most recent version of the security standard for wireless networks, introduced in January 2018. This added a number of improvements to security over WPA2, including stronger encryption and mitigations against weak passwords.
The Windows 10 bug caused by this week’s Patch Tuesday update should not affect too many devices considering WPA3 has yet to be adopted in the mainstream. Many devices with WPA3 support have been manufactured, but organisations and individuals across the world haven’t yet necessarily changed their WPA2 networking equipment.
Although the WPA3 standard isn’t as widely used as it one day will be, Microsoft still deemed this bug severe enough to release an out-of-band fix, something the company only does in emergency situations.
Previous out-of-band updates have normally been issued to fix critical flaws that render Windows devices vulnerable to exploitation by hackers.
Microsoft released emergency patches for high-risk Windows 10 and Windows Server 2019 remote code execution flaws affecting Windows Codecs Library in July 2020, for example. The firm also issued out-of-band updates to fix two further remote code execution bugs affecting Windows Codecs Library again as well as Visual Studio Code in October.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Hackers are targeting Ivanti VPN users again – here’s what you need to knowNews Ivanti has re-patched a security flaw in its Connect Secure VPN appliances that's been exploited by a China-linked espionage group since at least the middle of March.
-
Broadcom issues urgent alert over three VMware zero-daysNews The firm says it has information to suggest all three are being exploited in the wild
-
Nakivo backup flaw still present on some systems months after firms’ ‘silent patch’, researchers claimNews Over 200 vulnerable Nakivo backup instances have been identified months after the firm silently patched a security flaw.
-
Everything you need to know about the Microsoft Power Pages vulnerabilityNews A severe Microsoft Power Pages vulnerability has been fixed after cyber criminals were found to have been exploiting unpatched systems in the wild.
-
Vulnerability management complexity is leaving enterprises at serious riskNews Fragmented data and siloed processes mean remediation is taking too long
-
A critical Ivanti flaw is being exploited in the wild – here’s what you need to knowNews Cyber criminals are actively exploiting a critical RCE flaw affecting Ivanti Connect Secure appliances
-
Researchers claim an AMD security flaw could let hackers access encrypted dataNews Using only a $10 test rig, researchers were able to pull off the badRAM attack
-
A journey to cyber resiliencewhitepaper DORA: Ushering in a new era of cyber security
