CERT-In raises warning for certain Windows Users

The Indian Computer Emergency Response Team (CERT-In) has raised a warning for users of Windows operating system including the Windows 10, Windows Server and the new Windows 11.  

According to CERT-In, a loophole has been reported in Windows DNS server which could be exploited by an attacker to execute arbitrary code on the targeted systems.  

The warning further informs that this vulnerability exists in Windows DNS server due to a flaw in DNS server component. A remote attacker can misuse this vulnerability by sending a customised request. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the targeted system. 

Users need to install the latest update released by Microsoft to evade the exploitation.  

CERT-In’s official website has listed down links that can help update pages for the aforesaid mentioned apps.   

• Windows 10 Version 21H2 for x64-based Systems  
• Windows 10 Version 21H2 for ARM64-based Systems  
• Windows 10 Version 21H2 for 32-bit Systems  
• Windows 10 Version 20H2 for ARM64-based Systems  
• Windows 10 Version 20H2 for 32-bit Systems  
• Windows 10 Version 20H2 for x64 based Systems  
• Windows 10 Version 21H1 for 32-bit Systems  
• Windows 10 Version 21H1 for ARM64-based Systems  
• Windows 10 Version 21H1 for x64-based Systems  
• Windows 10 Version 1909 for ARM64-based Systems  
• Windows 10 Version 1909 for x64 based Systems  
• Windows 10 Version 1909 for 32-bit Systems  
• Windows 11 for ARM64-based Systems  
• Windows 11 for x64 based Systems  
• Windows Server, Version 20H2 (Server Core Installation)  
• Windows Server 2022 Azure Edition Core Hotpatch  
• Windows Server 2022 (Server Core installation)  
• Windows Server 2022