The Indian Computer Emergency Response Team (CERT-In) which comes under the Ministry of Electronics and Information Technology (MeitY) has issued a high-risk warning for Microsoft products and services. This comes after the authority found multiple critical vulnerabilities which can be exploited by hackers to get unauthorised access to your systems and access sensitive information, execute remote code, or cause system disruptions.
According to the advisory, the flaws affect a wide range of Microsoft software, including Windows, Microsoft Office, Dynamics, SQL Server, System Center, and legacy products under Extended Security Updates (ESU). Services like Microsoft Azure, developer tools, and browsers are also potentially impacted.
“Multiple vulnerabilities have been reported in Microsoft products that could allow attackers to gain elevated privileges, access sensitive information, execute remote code, bypass security restrictions, conduct spoofing attacks, cause denial-of-service (DoS) conditions, or tamper with system settings,” CERT-In mentioned in its warning.
READ: OnePlus 13 and OnePlus 13R now available with great discounts during Amazon Prime Day sale 2025
CERT-In noted that the vulnerabilities could lead to data exfiltration, ransomware attacks, system crashes, or tampering with system settings.
The advisory specifically aims to caution the individual users, IT admins and enterprise security teams who are responsible for maintaining and updating Microsoft software and services. If you are one of these, the authorities have asked you to take prompt response to prevent exploitation.
Microsoft has already released security updates addressing these vulnerabilities. CERT-In has advised users to apply the latest security patches released by Microsoft as part of its July 2025 updates. Detailed information, including affected products and CVE identifiers, is available through Microsoft’s official security update portal.