The Computer Emergency Response Team (CERT-in) has issued a warning for users of various Microsoft products including Windows 10, Windows 11 and Microsoft Office. The cybersecurity watchdog has reported security bypass vulnerabilities in Microsoft Windows products that could be exploited by the attacker to compromise the targeted system.<\/p>\n
The agency, which comes under the Ministry of Electronics & Information Technology, classified the vulnerability as \u2018critical\u2019 on the severity scale.<\/p>\n
\u201cMultiple vulnerabilities have been reported in Microsoft Windows which could allow an attacker to execute arbitrary code, bypass security features, and compromise the targeted system,\u201d Cert-In said.<\/p>\n
As per the agency, the vulnerabilities exist due to improper access restrictions within the proxy driver and insufficient implementation of the Mark of the Web (MoW) feature in Microsoft Windows.<\/p>\n
\u201cThe SmartScreen security feature protection mechanism bypasses the Mark of the Web (MotW) feature and allows malware to execute on a target system. The threat actors may exploit these vulnerabilities by sending specially crafted request,\u201d it added.<\/p>\n
Which Microsoft products are vulnerable
\nThe products include — Microsoft Windows, Microsoft Office, Developer Tools, Azure, Brower, System Center, Microsoft Dynamics, and Exchange Server.<\/p>\n
The agency advised users to apply appropriate security updates as mentioned in the company’s update guide.<\/p>\n
Earlier this year, CERT-in issued a warning for users of Windows 10 and Windows 11 users, saying a vulnerability in Microsoft Windows Kernel that could be exploited by the attacker to gain elevated privileges on the targeted system.<\/p>\n
It classified the vulnerability \u2013 spotted in both 32-bit and x64-based systems \u2013 as \u2018high\u2019 on the severity scale. It said the vulnerability exists in Microsoft Windows Kernel due to a flaw in the Kernel component.<\/p>\n","protected":false},"excerpt":{"rendered":"
The Computer Emergency Response Team (CERT-in) has issued a warning for users of various Microsoft products including Windows 10, Windows 11 and Microsoft Office. The cybersecurity watchdog has reported security bypass vulnerabilities in Microsoft Windows products that could be exploited by the attacker to compromise the targeted system. The agency, which comes under the Ministry of Electronics & Information Technology, classified the vulnerability as \u2018critical\u2019 on the severity scale. \u201cMultiple vulnerabilities have been reported in Microsoft Windows which could allow an attacker to execute arbitrary code, bypass security features, and compromise the targeted system,\u201d Cert-In said. As per the agency, […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[7],"tags":[],"class_list":["post-801045","post","type-post","status-publish","format-standard","hentry","category-it-2"],"acf":[],"_links":{"self":[{"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/posts\/801045","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/comments?post=801045"}],"version-history":[{"count":0,"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/posts\/801045\/revisions"}],"wp:attachment":[{"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/media?parent=801045"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/categories?post=801045"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/tags?post=801045"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}