Govt issues warning for Microsoft Windows products
The Indian government's CERT-In agency has issued a 'critical' risk warning for Microsoft Windows products. Multiple vulnerabilities, which could allow an attacker to execute arbitrary code, bypass security features and compromise the targeted system, have been reported by the security agency. Affected software includes Windows Server 2012, Windows Server 2016 and some versions of Windows 10 and Windows 11.
CERT-In in its warning said, “Multiple vulnerabilities have been reported in Microsoft Windows which could allow an attacker to execute arbitrary code, bypass security features, and compromise the targeted system.” It added that the vulnerabilities exist due to improper access restrictions within the proxy driver and the inadequate implementation of the Mark of the Web (MoW) feature in Windows.
The warning added, “The SmartScreen security feature protection mechanism bypasses the Mark of the Web (MotW) feature and allows malware to execute on a target system. The threat actors may exploit these vulnerabilities by sending specially crafted requests.”
The products that are vulnerable as per the warning are — Microsoft Office, Microsoft Windows, Developer Tools, Brower, Azure, Microsoft Dynamics, System Center, and Exchange Server.
CERT-In has advised users to apply appropriate security updates as recommended in the company's update guide.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.