Microsoft windows

CERT-In issues alerts for vulnerabilities in Microsoft Windows Defender, VMware tools and GitLab

By Terry J. Morgan

Applying the security patches found on the Microsoft Security Bulletin, VMware, and the GitLab website is recommended to secure user systems.

Applying the security patches found on the Microsoft Security Bulletin, VMware, and the GitLab website is recommended to secure user systems.

High severity vulnerabilities can be exploited to gain higher privileges in Windows Defender Credential Guard and VMware, while a critical vulnerability in GitLab can be exploited to execute remote commands.

(Sign up for our technology newsletter, Today’s Cache, for insights into emerging themes at the intersection of technology, business and politics. Click here to subscribe for free.)

The vulnerability ratings were released by the Computer Emergency Response Team (CERT-In) on Wednesday.

In Windows Defender Credential Guard

The reported high severity vulnerability in Windows Defender can be exploited by an authenticated local attacker by escalating their privileges, thereby bypassing security restrictions.

Successful exploitation may compromise the security of affected systems.

The vulnerability in Windows Defender exists due to a flaw in the credential guard component.

Windows Defender Credential Guard is an essential software component that secures the operating system by isolating user credentials from the rest of the operating system.

In VMware tools

High severity vulnerabilities have been detected in VMware tools that affect Windows and Linux versions.

The vulnerability could be used by an authenticated local attacker to elevate privileges as the root user. This escalation can allow attackers to access critical components of the operating system, thereby compromising their security.

The vulnerability is said to exist in VMware tools due to inappropriate security restrictions, allowing attackers to elevate their privileges on affected systems.

In GitLab

A critical remote command execution vulnerability has been reported in GitLab, an open source code repository and software development platform.

The vulnerability in GitLab exists due to improper input validation in the import from the GitHub API endpoint.

It can be exploited by a remote user to transmit specially crafted data to the application and execute arbitrary commands, thereby compromising the security of affected systems.

Applying the security patch available on Microsoft Security Bulletin, VMware and GitLab website is suggested to fix the vulnerability.

Related posts:

  1. Should you consider upgrading to Microsoft’s Windows 11?
  2. Microsoft Windows Security Review: Minimum Effort
  3. Microsoft’s Windows Store Now Open to Third-Party App Stores
  4. Tech Matters: How To Switch Without Password With Microsoft Windows | News, Sports, Jobs
Terry J. Morgan
You might also like More from author

Comments are closed.