New Delhi: The government of India has released a high-security warning for people using desktops powered by Windows. The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology (Meity), has issued an advisory for all Windows users stating that Windows may have a severe vulnerability. Users have been asked to update their devices immediately.
The organisation has been alerted of a security flaw that could harm Windows Defender, the programme that protects Windows from viruses, malware, and other threats, in some versions of Microsoft Windows, according to India Today.
The warning
Experts from CERT-In and Microsoft claim that the current situation is one of the high-level security emergencies issued in a long time. It is also highlighted that because of the high degree of vulnerability, hackers may be able to access a computer without being detected by security measures. It has been noted that the Windows Defender’s Credential Guard component has a bug, as a result, that enables a locally authenticated attacker to go around security measures and acquire elevated access to the targeted system.
The bug that triggers the default fits the zero-day vulnerability category. This indicates that it is only discovered when in use. It can spoof and appear to be an authorized user, giving it access to the entire domain. This can cause serious repercussions for companies and organizations that use domains to control every machine or account linked to the system as a whole.
According to an analysis carried out by some security professionals around the world, this vulnerability was reportedly discovered in the year 2021. Currently, there are about 1.5 billion active Windows users. Experts also estimate that the recently discovered vulnerability affects about 43 different Microsoft versions.
CERT-warning states that privilege escalation and security bypass vulnerabilities have been reported in Windows Defender Credential Guard which could allow a locally authenticated attacker to bypass security restrictions and gain elevated privileges on the targeted system.
Here is the list released by CERT-In mentioning Windows versions affected by the vulnerability-
List of affected Windows version
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows Server, version 20H2 (Server Core installation)
The CERT-In advisory has asked users to install the appropriate patch for the Windows Defender mentioned in Microsoft Security Bulletin. To update, users can simply go to the settings tab and install the latest update. If the auto-update option is enabled, then your device will be updated to the latest software version automatically.
