Government has a warning for Windows users: What is it & why it matters?

What does the warning say?

The vulnerability is marked as ‘high’ under the severity ranking and can allow hackers to gain access to the victim’s computer, bypassing the security restrictions. According to the agency, the vulnerability exists due to a flaw in the Credential Guard component of the Windows Defender.

In its warning, CERT-In says that “privilege escalation and security bypass vulnerabilities have been reported in Windows Defender Credential Guard which could allow a local authenticated attacker to bypass security restrictions and gain elevated privileges on the targeted system.”

Which Windows versions are affected?

As per CERT-In, list of affected versions include

– Windows 11 for ARM64-based Systems

– Windows 11 for x64-based Systems

– Windows 10 Version 1607 for x64-based Systems

– Windows 10 Version 1607 for 32-bit Systems

– Windows 10 for x64-based Systems

– Windows 10 for 32-bit Systems

– Windows 10 Version 21H2 for x64-based Systems

– Windows 10 Version 21H2 for ARM64-based Systems

– Windows 10 Version 21H2 for 32-bit Systems

– Windows 10 Version 20H2 for ARM64-based Systems

– Windows 10 Version 20H2 for 32-bit Systems

– Windows 10 Version 20H2 for x64-based Systems

– Windows 10 Version 21H1 for 32-bit Systems

– Windows 10 Version 21H1 for ARM64-based Systems

– Windows 10 Version 21H1 for x64-based Systems

– Windows 10 Version 1809 for ARM64-based Systems

– Windows 10 Version 1809 for x64-based Systems

– Windows 10 Version 1809 for 32-bit Systems

– Windows Server 2022 (Server Core installation)

– Windows Server 2022

– Windows Server 2019 (Server Core installation)

– Windows Server 2019

– Windows Server 2016 (Server Core installation)

– Windows Server 2016

– Windows Server, version 20H2 (Server Core installation)

The CERT-In advisory has asked users to install the appropriate patch for the Windows Defender mentioned in Microsoft Security Bulletin.

First article