The Indian government’s cyber security agency CERT-In has issued a high-severity warning for millions of Microsoft users after identifying multiple critical vulnerabilities across widely used Microsoft products. The alert, flagged on August 18, 2025, warns that the flaws could allow attackers to crash systems, steal sensitive data, or take unauthorized control of devices if not patched immediately.
Which Microsoft Products Are Affected?
The vulnerabilities affect a wide range of Microsoft tools, including:
-
Windows Operating Systems (including older ESU versions)
-
Microsoft Office Suite & Browsers
-
SQL Server
-
Dynamics & System Center
-
Developer Tools & Open-Source Software
-
Enterprise Applications & Azure Cloud Services
This means both individual users and large organizations are at risk.
Potential Threats
According to CERT-In, these vulnerabilities could allow hackers to:
-
Gain elevated access privileges
-
Steal files and sensitive information
-
Execute malicious code remotely
-
Bypass existing security controls
-
Launch denial-of-service (DoS) attacks to crash systems
-
Tamper with system settings or spoof legitimate operations
Such capabilities make the vulnerabilities particularly dangerous for enterprises managing critical infrastructure.
What Should Users Do?
Microsoft has urged all users to install the latest security patches immediately. Alongside updates, experts recommend:
-
Limiting administrative privileges to essential accounts
-
Using strong authentication & backups
-
Monitoring systems and networks for suspicious activity
CERT-In has stressed that timely patching is the only effective safeguard, as attackers are actively exploiting such vulnerabilities worldwide.
The warning highlights the importance of staying updated with Microsoft’s official advisories, as additional fixes and workarounds will continue to be released in the coming weeks.
Leave a Reply