New Delhi: The government of India has released a high-security warning for people using desktops powered by Windows. The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology (Meity), has issued an advisory for all Windows users stating that Windows may have a severe vulnerability. Users have been asked to update their devices immediately.
The organisation has been alerted of a security flaw that could harm Windows Defender, the programme that protects Windows from viruses, malware, and other threats, in some versions of Microsoft Windows, according to India Today.
Experts from CERT-In and Microsoft claim that the current situation is one of the high-level security emergencies issued in a long time. It is also highlighted that because of the high degree of vulnerability, hackers may be able to access a computer without being detected by security measures. It has been noted that the Windows Defender’s Credential Guard component has a bug, as a result, that enables a locally authenticated attacker to go around security measures and acquire elevated access to the targeted system.
The bug that triggers the default fits the zero-day vulnerability category. This indicates that it is only discovered when in use. It can spoof and appear to be an authorized user, giving it access to the entire domain. This can cause serious repercussions for companies and organizations that use domains to control every machine or account linked to the system as a whole.
According to an analysis carried out by some security professionals around the world, this vulnerability was reportedly discovered in the year 2021. Currently, there are about 1.5 billion active Windows users. Experts also estimate that the recently discovered vulnerability affects about 43 different Microsoft versions.
CERT-warning states that privilege escalation and security bypass vulnerabilities have been reported in Windows Defender Credential Guard which could allow a locally authenticated attacker to bypass security restrictions and gain elevated privileges on the targeted system.
Here is the list released by CERT-In mentioning Windows versions affected by the vulnerability-
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows Server, version 20H2 (Server Core installation)
The CERT-In advisory has asked users to install the appropriate patch for the Windows Defender mentioned in Microsoft Security Bulletin. To update, users can simply go to the settings tab and install the latest update. If the auto-update option is enabled, then your device will be updated to the latest software version automatically.
Berhampur: Hundreds of thalassemia and sickle cell patients on Tuesday staged a demonstration demanding a…
Mumbai: Actress Samantha Ruth Prabhu and her ex-husband actor Naga Chaitanya have moved on after…
Mumbai: Amidst rumours of their divorce, Bollywood queen Aishwarya Rai asked women to stand up…
Bhubaneswar: Prime Minister Narendra Modi will participate in a roadshow on his arrival at Bhubaneswar…
New York: Elon Musk, father of 12 children with different partners, has led an eventful…
Bhubaneswar: Vigilance has apprehended a college principal while taking a bribe of Rs 1 lakh…
Mumbai: Ahead of the release of Allu Arjun's highly-anticipated ‘Pushpa: The Rule’, one of the…
Bhubaneswar: The Odisha government has rejected the application of IAS officer Sujata R Karthikeyan for…