The Indian government has issued a high-risk cybersecurity advisory for Microsoft users, warning of multiple vulnerabilities that could put millions of systems at risk. The alert, released by the Indian Computer Emergency Response Team (CERT-In), highlights critical flaws across a wide range of Microsoft products.
According to the advisory, the vulnerabilities affect Microsoft Windows, Office, SQL Server, Dynamics, System Centre, Azure services, and even older software versions receiving Extended Security Updates (ESU). Microsoft has confirmed that the risks extend beyond its operating systems and productivity tools, impacting browsers, developer utilities, open-source software, and core enterprise solutions such as Dynamics 365 and System Centre.
CERT-In warned that attackers could exploit the flaws to gain elevated privileges, bypass critical security protections, and steal sensitive information such as documents and login credentials. The vulnerabilities also open the door for remote code execution, denial-of-service (DoS) attacks, data tampering, and system spoofing.
Experts suggest that these vulnerabilities could trigger serious consequences, including large-scale data breaches, ransomware campaigns, and prolonged operational downtime. Security professionals have described the advisory as one of the most severe of the year.
Also read: Lok Sabha passes bill to ban real-money online games: Full story in 5 points
Both CERT-In and Microsoft have urged immediate action. Organisations are recommended to patch affected systems promptly, as this is considered essential to prevent widespread breaches. Other users, too, are advised to update their software to the latest versions without delay.
Also read: Google Pixel 10 Pro vs Pixel 9 Pro: Price, camera, display, battery and more compared
Microsoft’s guidance includes installing all security patches, limiting administrative access to essential accounts, enabling multi-factor authentication, maintaining secure backups, and closely monitoring networks for unusual activity. Users are also encouraged to follow Microsoft’s official advisories for ongoing fixes and temporary workarounds.