CERT-In issues warning for Microsoft Windows, Office products: Know why

A new CERT-In advisory warns of critical flaws in Microsoft software that could let attackers steal data, run malicious code, or bypass system protections

Indian Computer Emergency Response Team (CERT-In) has issued a high-severity warning for users of Microsoft Windows and Office products. CERT-In, in an advisory, warned users regarding a range of security flaws in Microsoft products, which leave them vulnerable to cyberattacks. Since Microsoft Windows and Office products are used widely across the nation, the Central government agency has stated that this vulnerability exposes both individual users as well as enterprises to risk.

What did CERT-In say?

According to the advisory shared by CERT-In, security flaws have been identified in a range of Microsoft products that could allow attackers to gain elevated privileges, access sensitive data, execute remote code, and bypass existing security protocols.

 

In some cases, they may also enable spoofing attacks, tampering with system configurations, or cause denial-of-service (DoS) disruptions. CERT-In has urged users and administrators to take prompt action to secure their systems and prevent potential exploitation.

Affected software

The vulnerabilities impact a broad range of Microsoft offerings, including:

• Microsoft Windows (all supported versions)
• Microsoft Office (Word, Excel, Outlook)
• Microsoft Dynamics
• Azure cloud services
• Microsoft SQL Server
• System Centre and Developer Tools
• Extended Security Update (ESU) programs for older Windows versions
• Microsoft Edge browser and other Microsoft apps

If you use a Windows PC or use Microsoft Office or any related service, then it is possible that your system might be at risk.

 

As per CERT-In, Microsoft has confirmed the presence of these security flaws and released a comprehensive advisory outlining the affected products and necessary patches. Fixes have been rolled out through the latest cumulative updates for Windows and other impacted services. While the company states there are no known cases of active exploitation at this time, it strongly urges users to apply the updates without delay.

How to safeguard yourself?

• To safeguard your systems, CERT-In recommends the following steps:
• Make sure Windows and Office are fully updated
• Turn on automatic updates via system Settings
• Restart your device after applying updates
• Refrain from opening files or clicking on links from untrusted sources
• Keep your antivirus programs and firewalls up to date