New Delhi: The Indian government has issued a high-severity cybersecurity alert for users of Microsoft products, warning of critical vulnerabilities that could lead to data breaches, remote access, and system crashes. The advisory, released by the Indian Computer Emergency Response Team (CERT-In), urges immediate action from individuals and organizations using affected Microsoft software.
What’s Affected?
The vulnerabilities span a wide range of Microsoft products, including:
- Microsoft Windows (all supported versions)
- Microsoft Office (Word, Excel, Outlook, etc.)
- Microsoft Azure and Cloud Services
- Developer Tools
- Microsoft Dynamics
- Microsoft System Center
- Extended Security Updates (ESU) for legacy systems
These flaws can allow remote code execution (RCE), privilege escalation, sensitive data access, security bypass, spoofing, and denial-of-service (DoS) attacks.
Severity and Risks
CERT-In has rated the vulnerabilities as “high severity” due to the following potential consequences:
- Data leaks and unauthorized data access
- Ransomware and malware infections
- System crashes and performance disruptions
- Security breaches across enterprise networks
Given the widespread use of Microsoft products across India’s corporate and personal ecosystems, this advisory affects millions of users.
What Users Should Do
CERT-In and Microsoft recommend the following steps:
For Users:
- Install the latest Microsoft security patches immediately
- Avoid clicking on unknown links or downloading attachments from unverified sources
- Update antivirus and anti-malware tools regularly
- Refrain from using outdated or unsupported versions of Microsoft products
For System Administrators:
- Ensure patch deployment across all devices and servers
- Audit systems for unusual activity or access patterns
- Verify the integrity of installed software
- Maintain regular backups and review incident response protocols
