CERT-In Issues High-Severity Warning for Microsoft Product Vulnerabilities

By: Harsh Vardhan

|

Updated on: 28-Apr-2026 12:00 AM

993 views

Follow Us:

993 views

India’s cybersecurity agency CERT-In has issued a high-severity warning for users of Microsoft products. The advisory, released on Monday, highlights critical security flaws affecting several Microsoft software platforms. These include multiple versions of Windows, Windows Server, Microsoft Office, and the Chromium-based Microsoft Edge browser.

Key Highlights

• CERT-In issues high-severity warning for Microsoft product vulnerabilities.
• Flaws affect Windows, Windows Server, Office, and Edge browser.
• Attackers may gain system privileges or access sensitive data.
• CERT-In urges immediate application of Microsoft security updates.

CERT-In warns that these vulnerabilities could allow attackers to execute malicious code, gain elevated system privileges, access sensitive data, or disrupt essential services. Both individual users and organizations using the affected software versions are at risk.

Details of Security Flaws

The vulnerabilities stem from issues such as improper input validation, memory corruption, insufficient access control, and improper handling of objects in memory. CERT-In explains that attackers may exploit these weaknesses either remotely or locally. In some scenarios, user interaction is required, such as opening a crafted file or visiting a malicious website. In other cases, attackers may exploit the flaws without any authentication or user action.

If exploited, these vulnerabilities could give attackers control over affected systems. This may enable them to run arbitrary commands, bypass security measures, or compromise confidential information. The risks are significant for enterprises and government agencies that depend on Microsoft’s ecosystem for daily operations.

Recommended Actions for Users

CERT-In operates under India’s Ministry of Electronics and Information Technology. The agency urges all users and organizations to take immediate action to protect their systems. Applying the latest security updates released by Microsoft is strongly recommended to mitigate these risks.

Timely updates are crucial to prevent attackers from exploiting these vulnerabilities. Users should regularly check for updates and ensure all Microsoft products are running the latest security patches. Organizations should also review their security policies and educate employees about potential threats.

The advisory underscores the importance of maintaining updated software and following best security practices. Taking prompt action can help reduce the risk of unauthorized access and data breaches linked to these vulnerabilities.