Multiple vulnerabilities detected on Microsoft Windows devices: CERT-In

With the increase in usage of smartphones and computers for work and information, cybercriminals are preying on naive device users to steal their financial and personal details.

They are coming up with ingenious ways to find security vulnerabilities to break the security of the devices. Earlier this month, Google and Apple rolled out security patches to respective devices to protect them against cyber threats.

The Indian Computer Emergency Response Team (CERT-In) has now detected multiple security loopholes on computers with Microsoft Windows OS (v10 and v11).

"The vulnerabilities exist due to improper access restrictions within the proxy driver and insufficient implementations of the Mark of the Web (MotW) feature in Microsoft Windows. The SmartScreen security feature protection mechanism bypasses the MotW feature and allows the malware to execute on a target system. The threat actors may exploit these vulnerabilities by sending specially crafted requests. Successful exploitations of these vulnerabilities could allow an attacker to execute arbitrary code, bypass security features and compromise the targeted system," reads the CERT-In alert.

Microsoft has acknowledged the cyber threat and has rolled out the security patch to respective Windows OS devices.

The Redmond-based company has also thanked Andreas Klopsch of Sophos X-Ops, Peter Girnus (gothburz) of Trend Micro's Zero Day Initiative and Dmitrij Lenz and Vlad Stolyarov of Google's Threat Analysis Group, for their contribution to the timely detection of the vulnerabilities.

Device owners are advised to upgrade their Windows computers (with v10 and v11) to the latest security update to protect themselves from malware.

Here are some tips on how to safeguard your device from cyber threats:

1) Never open emails and click URL links sent by unknown senders

2) Always install apps from official stores such as Microsoft, Google Play and Apple App Store.

3) Avoid side-loading any applications to your device

4) Try to change passwords at least once a month or turn on the passkey feature on your devices

5) It is good practice to install good anti-virus applications such as Kaspersky, McAfee, Sophos, Norton, and ESET

Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.