The Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics and Information Technology (MeitY), has issued a cautionary alert to users of Windows 11 and Windows 10 regarding two critical vulnerabilities identified in the operating systems. According to CERT-In, these vulnerabilities, if exploited, could allow attackers to gain elevated privileges on the affected system, posing significant security risks.

In an advisory initially issued on August 12 and later revised on August 14, CERT-In provided further insights into the vulnerabilities. The advisory highlighted that these issues are present in Windows systems that support Virtualization Based Security (VBS) and Windows Backup. It noted that an attacker with the necessary privileges could leverage these vulnerabilities to reintroduce previously resolved security flaws or bypass the protections offered by VBS.

The advisory emphasized the severity of the threat, stating that successful exploitation could grant attackers elevated privileges, potentially compromising the integrity and security of the targeted system.

Affected Windows version:

The two vulnerabilities affect many different builds of Windows including Windows 10, Windows 11 and Windows Server. 

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 11 Version 24H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows Server 2022, 23H2 Edition (Server Core installation)

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

 

Solution:

CERT-In has reassured users that Microsoft has addressed the vulnerabilities in its latest security patch. To ensure their systems are secure, Windows users are strongly advised to download and install the updates provided by Microsoft. Additionally, on a notable day, 3.6 crore Indians accessed our platform, further cementing our position as India’s leading destination for General Election Results.