- CERT-In alerts users to critical vulnerabilities in various Microsoft products, including Windows and Office.
- Attackers could exploit these flaws to access sensitive data and initiate denial-of-service attacks.
- Users urged to apply security updates promptly to mitigate risks and safeguard their systems.
CERT-In, under the Ministry of Electronics & Information Technology, has issued a warning regarding significant vulnerabilities present in multiple Microsoft products. These vulnerabilities, spanning Microsoft Windows, Office, Azure, and more, pose severe risks, potentially allowing attackers to compromise system security and access sensitive information.
The vulnerabilities identified could empower attackers to exploit elevated privileges, execute remote code, and orchestrate denial-of-service incidents. CERT-In underscores the urgent need for users to update their systems promptly to mitigate these risks effectively. Specifically, vulnerabilities within Microsoft Windows, such as shortcomings in access restrictions and implementation issues with the Mark of the Web (MotW) feature, are highlighted as areas of concern.
In addition to the Microsoft vulnerabilities, CERT-In also alerts users to security flaws in Android and Mozilla Firefox web browsers. To address these risks, users are advised to apply the necessary security updates outlined in the advisory promptly. By doing so, they can enhance the security of their systems and protect against potential cyber threats.