The Indian Computer Emergency Response Team (Cert-in) Has Issured an advisory regarding multipletes affecting Microsoft’s Windows Operating Systems. Two Separate Vulnerabilites were found in Various Builds of Windows 10, Windows 11, and Windows Server, The Company’s Platform for Running Network-Based Applications. The cybersecurity agency has flagged these vulnerabilites as medium risk. While No Security Patches for Them Exist Currently, Microsoft Has Released A Set of Actions Users can take to Safeguard Themselves. Notable, Cert-in highlighted Several Security Flaws in Older Apple operating systems earlier this month.
Cert-in Issues Advisory for Microsoft Windows OS
In an an advisory Issued on Monday (August 12), the cybersecurity agency highlighted two different vulnerabilites in windows os. These Security Flaws can allow an attacker to gain unauthorized privateges on the targeted system.
“These vulnerabilites exist in windows-based systems supporting virtualization based security (VBS) and windows backup. An attacker with approves Privileges Cold Exploit these vulnerabilites to reintroduce previously mitigated issues or bypass vbsos protections, “Said crt-in.
The two vulnerabilites have been labelled cve-2024-21302 and cve-2024-38202 by the nodal agency, which comes under the ministry of Electronics and Information Technology (Meeting). Here, Cve Stands for Common Vulnerabilityes and Exposures, and the Format is a standardized method of identifying and describing security flws in software. The full list of affected Windows Software is shared below.
- Windows Server 2016 (Server Core Installation)
- Windows Server 2016
- Windows 10 Version 1607 for X64-Based Systems
- Windows 10 Version 1607 for 32-BIT Systems
- Windows 10 for X64-Based Systems
- Windows 10 for 32-BIT Systems
- Windows 11 Version 24h2 for X64-Based Systems
- Windows 11 Version 24h2 for Arm64-Based Systems
- Windows Server 2022, 23h2 Edition (Server Core Installation)
- Windows 11 Version 23h2 for X64-Based Systems
- Windows 11 Version 23h2 for Arm64-Based Systems
- Windows 10 Version 22H2 for 32-BIT Systems
- Windows 10 Version 22H2 for Arm64-Based Systems
- Windows 10 Version 22H2 for X64-Based Systems
- Windows 11 Version 22H2 for X64-Based Systems
- Windows 11 Version 22H2 for Arm64-Based Systems
- Windows 10 Version 21h2 for X64-Based Systems
- Windows 10 Version 21h2 for Arm64-Based Systems
- Windows 10 Version 21h2 for 32-BIT Systems
- Windows 11 Version 21h2 for Arm64-Based Systems
- Windows 11 Version 21h2 for X64-Based Systems
- Windows Server 2022 (Server Core Installation)
- Windows Server 2022
- Windows Server 2019 (Server Core Installation)
- Windows Server 2019
- Windows 10 Version 1809 for Arm64-Based Systems
- Windows 10 Version 1809 for X64-Based Systems
- Windows 10 Version 1809 for 32-BIT Systems
As per the advisory, currently, there are no security patches available for the security flaws. While this presents a concerning situation, the scope of the vulnerability is not very wide as the attacker needs to hold some privatege with the system before exploiting these flaws.
Microsoft have also posted a set of recommended actions For Each of the vulnerability to help users mitigate the potential for an ass. The tech giant has also highlighted that the cve will be updated and the users will be notified once a security update is ready to be shipped.
For the latest tech news and reviewsFollow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google NewsFor the latest videos on gadgets and tech, subscribe to our YouTube channelIf you want to know everything about top influencers, Follow our in-House Who’sthat360 on Instagram and YouTube,
(Tagstotranslate) Cert in Warning Mulnerabilites Microsoft Windows 10 11 Server OS CERT IN (T) Windows 10 (T) Windows 11 (T) Microsoft (T) Cybersoft (T) Cybesecurity (T) india