The Indian Computer Emergency Response Team( CERT-In) , under the Ministry of Electronics and Information Technology, has issued an advisory for all Windows users alerting about a security flaw that could harm Windows Defender, the programme that protects Windows from viruses, malware, and other threats, in some versions of Microsoft Windows.
The new security issue has been discovered in Microsoft Defender, the software which actually protects your PC from virus, malware and more. The Windows Defender’s Credential Guard component has a bug that enables a locally authenticated attacker to go around security measures and acquire elevated access to the targeted system. Users are asked to update their devices immediately.
The post says that Windows users face a security concern in the Credential Guard tool of Windows Defender, which comes pre-installed on most Windows PCs. The issue that causes the default falls under the heading of a zero-day vulnerability. This suggests that it is only found while it is being used. It has access to the entire domain because it can spoof and seem to be an authorised user. For businesses and organisations that use domains to manage each machine or account connected to the system as a whole, this could have very negative effects.
Expert says that, there are around 1.5 billion active Windows users at the moment. The recent vulnerability is thought to affect roughly 43 distinct Microsoft versions, according to experts. The CERT-In vulnerability report states, “privilege escalation and security bypass vulnerabilities have been reported in Windows Defender Credential Guard which could allow a local authenticated attacker to bypass security restrictions and gain elevated privileges on the targeted system."
CERT-In informs that Microsoft has already issued a software fix for this issue, and is asking Windows PC users with these versions running on their machines to update their systems right away. Microsoft has shared the details of this Windows Defender patch in the Microsoft Security Bulletin.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
