CERT-In Issues Advisory on Microsoft Windows Vulnerabilities

Vulnerabilities in Microsoft Windows: A CERT-In Advisory

The Indian Computer Emergency Response Team (CERT-In) has recently issued a cautionary advisory regarding several vulnerabilities identified in Microsoft Windows. These vulnerabilities affect Windows-based systems that utilize Virtualization Based Security (VBS) and Windows Backup. The versions impacted by this advisory include Windows 10, 11, and 12, along with various iterations of Windows Server.

What CERT-In Advisory Says

CERT-In's advisory highlights that “multiple vulnerabilities have been reported in Microsoft Windows which could allow an attacker to gain elevation of privilege on the targeted system.” This means that malicious actors could exploit these vulnerabilities to elevate their access rights, potentially reintroducing previously mitigated issues or circumventing VBS protections. The advisory categorizes the severity of this vulnerability as ‘medium’.

Software Affected

Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems

What Should Users Do?

According to CERT-In, there are currently no patches available for this vulnerability as of the publication date. Users are therefore advised to ensure their devices are updated to the latest versions to mitigate potential risks.

The advisory underscores the importance of maintaining up-to-date systems and being vigilant about security updates. While the vulnerabilities have been categorized as medium in severity, the potential for exploitation underscores the need for proactive measures. As always, staying informed and prepared is key to navigating the ever-evolving landscape of cybersecurity threats.

Which Microsoft Office is best for Windows 11 Home?

For Windows 11 Home, the best Microsoft Office suite would be Microsoft 365. It provides the latest version of the Office applications like Word, Excel, PowerPoint, and more, along with continuous updates, cloud storage via OneDrive, and access to additional features and tools. It supports seamless integration with Windows 11 and offers various subscription plans to cater to different needs, making it a versatile and future-proof choice.

How to get Windows 10 product key from Microsoft account?

To get your Windows 10 product key from your Microsoft account, follow these steps: 1. Go to the Microsoft Account website and sign in with the account used to purchase or activate Windows 10. 2. Navigate to the 'Services & subscriptions' section. 3. Find your Windows 10 purchase or device and click on 'View details.' 4. Your product key should be listed there. If it’s not visible, it may be embedded in the hardware or stored by Microsoft digitally linked to your account.