India’s cybersecurity nodal agency, the Indian Computer Emergency Response Team (CERT-In), has issued a high-risk advisory warning users and organisations about multiple vulnerabilities affecting Microsoft products. The advisory, released on August 18, carries a “high severity” rating and impacts widely used software, including Windows, Office, Dynamics, SQL Server, Azure, Developer Tools, System Center, and even older legacy products.
According to CERT-In, which functions under the Ministry of Electronics and Information Technology (MeitY), the flaws could be exploited by malicious actors to gain elevated privileges, steal sensitive information, execute remote code, spoof system identities, tamper with configurations, and even trigger denial-of-service conditions. The agency warned that attackers could potentially compromise entire systems, cause instability, exfiltrate critical data, and launch ransomware attacks.
Highlighting the gravity of the issue, CERT-In noted that the vulnerabilities open the door to “remote code execution, system instability and the stealing of sensitive information.” Since the risks extend across multiple Microsoft applications, both individuals and enterprises are considered vulnerable.
In response, Microsoft has urged all users to install the latest security updates without delay. The company also recommended that IT administrators and security teams adopt additional safeguards, such as restricting administrative privileges to limited accounts, enforcing strong authentication, setting up robust backup systems, and closely monitoring network traffic for suspicious activity.
CERT-In has also flagged a separate vulnerability in the desktop version of Google Chrome, warning that attackers could exploit the flaw to remotely execute arbitrary code on a victim’s system. This issue, the agency noted, applies to both individual users and enterprise organisations relying on Chrome as their primary browser.
With the growing sophistication of cyberattacks, cybersecurity experts stress that keeping systems updated remains one of the most effective ways to prevent exploitation. The dual advisories serve as a reminder that cyber hygiene practices—such as patching systems promptly, monitoring for anomalies, and limiting access to sensitive privileges—are essential for safeguarding against evolving threats.
, has issued a high-risk advisory warning users ...){kind=link}