The Indian Computer Emergency Response Team (CERT-In), the government’s cybersecurity agency, has recently issued a cautionary alert aimed at Windows users. This advisory highlights several vulnerabilities discovered across various versions of Microsoft Windows, which could potentially enable attackers to gain elevated privileges on targeted systems. The vulnerabilities are particularly concerning for Windows systems that utilize Virtualisation-Based Security (VBS) and Windows Backup functionalities.
Affected Windows Versions
The vulnerabilities span a wide array of Windows versions, including:
- Windows 10: Versions 1607, 21H2, 22H2, and 1809, applicable to 32-bit, x64, and ARM64-based systems.
- Windows 11: Versions 21H2, 22H2, and 24H2, for x64 and ARM64-based systems.
- Windows Server: Windows Server 2016, 2019, 2022, including Server Core installations.
How to Stay Safe
As Microsoft has not yet rolled out security patches to address these vulnerabilities, users are encouraged to adopt several precautionary measures to safeguard their systems:
- Activate Firewall and Update Antivirus: Ensure that your system’s firewall is activated and that you have updated antivirus software installed. These tools are essential for detecting and blocking malicious activities.
- Be Vigilant Against Phishing Attempts: Cyber attackers often exploit vulnerabilities through deceptive emails and malicious links. Exercise caution when opening emails from unknown senders, and refrain from clicking on suspicious links or downloading unexpected attachments.
- Disable Unused Features: If certain features, such as Virtualization-Based Security (VBS) or Windows Backup, are not in use, consider temporarily disabling them. This can help minimize the attack surface and lower the risk of exploitation.
- Maintain Reliable Backups: Maintain a reliable and up-to-date backup of your important files. In the unfortunate event of a successful attack, having a backup can be crucial for quick data recovery.
- Stay Informed: Stay informed about updates from Microsoft and CERT-In. Promptly apply any patches released to address these vulnerabilities as soon as they become available.
By taking these steps, users can significantly reduce the risk of falling victim to potential cyber-attacks targeting these newly discovered vulnerabilities. While the wait for official patches continues, vigilance and proactive measures remain the best defense.