The Indian Computer Emergency Response Team or CERT-In has issued a high risk warning to users of various Microsoft services. The Indian cybersecurity agency has found multiple vulnerabilities in Microsoft products and has issued a high severity rating to the issue. The vulnerabilities affect a number of Microsoft software, including Microsoft Windows, Microsoft Office, Microsoft Developer Tools, its Azure services, Bing, System Center, Microsoft Dynamics, and Exchange Server.
Microsoft Exchange Server is a tool used by businesses to help them work together. It has things like email, calendars, contacts, and schedules all in one place. People can check their emails using programs like Microsoft Outlook. Plus, it works well with other Microsoft Office programs.
And the current set of vulnerabilities that have been found by CERT-In affect all these services mentioned above. Which means, anyone using any of these services could be a possible target of vulnerability.
The CERT-In website reveals that multiple vulnerabilities were reported in Microsoft Products. Reportedly, these security loopholes could allow an attacker to “gain elevated privileges, obtain Information Disclosure, Bypass Security restriction, conduct remote code execution attacks, perform spoofing attacks, or cause denial of service conditions”. This basically means that these vulnerabilities might let a hacker do things like get more power, find out secret info, get around security rules, control your computer remotely, trick you with fake links, or even stop your computer from working.
A separate set of vulnerabilities also affects Windows OS. The CERT-In website has listed the below-mentioned versions of Windows OS as the affected ones:
âââ â Windows 10 Version 1607 for x64-based Systems
âââ â Windows 10 Version 1607 for 32-bit Systems
âââ â Windows 10 for x64-based Systems
âââ â Windows 10 for 32-bit Systems
âââ â Windows 11 Version 23H2 for x64-based Systems
âââ â Windows 11 Version 23H2 for ARM64-based Systems
âââ â Windows 10 Version 22H2 for 32-bit Systems
âââ â Windows 10 Version 22H2 for ARM64-based Systems
âââ â Windows 10 Version 22H2 for x64-based Systems
âââ â Windows 11 Version 22H2 for x64-based Systems
âââ â Windows 11 Version 22H2 for ARM64-based Systems
âââ â Windows 10 Version 21H2 for x64-based Systems
âââ â Windows 10 Version 21H2 for ARM64-based Systems
âââ â Windows 10 Version 21H2 for 32-bit Systems
âââ â Windows 11 version 21H2 for ARM64-based Systems
âââ â Windows 11 version 21H2 for x64-based Systems
âââ â Windows 10 Version 1809 for ARM64-based Systems
âââ â Windows 10 Version 1809 for x64-based Systems
âââ â Windows 10 Version 1809 for 32-bit Systems
The vulnerabilities in Microsoft Windows could allow an attacker into your computer and take charge or steal information remotely.
Such vulnerabilities take place because the computer doesn’t protect itself well enough. One problem, according to CERT-In, is with a feature called SmartScreen, which is supposed to keep a device safe of malware. However, due to the vulnerability, it is actually letting the malware in. This means, a hacker can take advantage of these security loopholes by sending special requests. If they succeed, they can take control of your computer or make it do things it shouldn’t.
How do you keep yourself safe from such vulnerabilities, you ask? Always ensure your device is up-to-date with the latest updates. These timely updates are meant to patch vulnerabilities or any security loophole that may exist in a product or software that you are using.
Published By:
Nandini Yadav
Published On:
Apr 15, 2024
