CERT-In finds multiple bugs in Microsoft products, advises users to update


New Delhi, April 12 (IANS): The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, on Friday warned users of multiple vulnerabilities in Microsoft products which could allow an attacker to obtain information disclosure, bypass security restriction and cause denial-of-service (DoS) conditions on the targeted system.

The products include -- Microsoft Windows, Microsoft Office, Developer Tools, Azure, Brower, System Center, Microsoft Dynamics, and Exchange Server.

"Multiple vulnerabilities have been reported in Microsoft products which could allow an attacker to gain elevated privileges, obtain information disclosure, bypass security restrictions, conduct remote code execution attacks, perform spoofing attacks, or cause denial of service conditions," said the CERT-In advisory.

In Microsoft Windows, the cyber agency said the vulnerabilities exist due to improper access restrictions within the proxy driver and insufficient implementation of the Mark of the Web (MotW) feature.

The agency advised users to apply appropriate security updates as mentioned in the company's update guide.

Meanwhile, CERT-In has warned users of multiple vulnerabilities in Android and Mozilla Firefox web browsers which could allow an attacker to obtain sensitive information, execute arbitrary code and cause DoS conditions on the targeted system.

As per the advisory, 'Android 12, 12L, 13, 14', and 'Mozilla Firefox versions prior to 124.0.1 and Mozilla Firefox ESR versions before 115.9.1' were the affected software versions, respectively.

-

  

Top Stories


Leave a Comment

Title: CERT-In finds multiple bugs in Microsoft products, advises users to update



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.