Using a Windows-based desktop computer? If that’s the case, you should be aware that the Indian government has issued a severe security alert targeting you specifically. Warning all Windows users of a potentially critical vulnerability, the Indian Computer Emergency Response Team (CERT-In) operates under the Ministry of Electronics and Information Technology (Meity).
It is imperative that users update their gadgets quickly. The company has been made aware of a security hole in Windows Defender, the anti-malware software included in some editions of Microsoft Windows.
For Windows users, what exactly is the warning?
According to CERT-In and Microsoft experts, this is one of the most serious security alerts to be issued in recent memory. It is also emphasized that the high degree of vulnerability may make it possible for hackers to gain access to a computer without being detected by security measures.
There is a flaw in Windows Defender’s Credential Guard feature that allows a locally authenticated attacker to bypass protections and get administrative privileges on the compromised system. The flaw that activates the safety mechanism is a classic example of a zero-day exploit.
What this means is that it is not known until it is put to practical use. It can impersonate a legitimate user, gaining access to the entire network as a result. Companies and organizations who rely on domains to manage every computer and user account connected to the system may experience major consequences as a result of this.
Experts in the field of information security estimate that this flaw will be identified in the year 2021. Approximately 1.5 billion people worldwide are using Windows right now. Professionals also believe that the newly identified vulnerability affects around 43 distinct Microsoft versions.
An alert from the Computer Emergency Readiness Team (CERT) claims that Windows Defender Credential Guard has been found to have vulnerabilities that could allow a locally authenticated attacker to bypass security constraints and gain elevated access to the targeted system.
