If you are using a Windows laptop or desktop, this news is crucial for your data security. The Indian Computer Emergency Response Team (CERT-In), a government agency under the Ministry of Electronics and Information Technology of the Government of India focusing on matters of cybersecurity, has issued a warning for all enterprise users relying on the Microsoft ecosystem for carrying out their business affairs. A dangerous vulnerability puts millions of users and their data at risk.
Based on a published report from CERT on dated 15 May, 2025, it is said that the multiple vulnerabilities can give cybercriminals an easy access to Microsoft ecosystem devices and allow data theft as well as crashes. What’s even more dangerous is that the issue extends beyond the world of Windows laptops and PCs. Anyone using any of the vulnerable Microsoft services on other platforms is equally prone to cyberattack risks.
Hence, if you use a Mac or Android device with Microsoft Office, Azure services and other apps, you are equally at risk.
Which Microsoft services are affected
The vulnerabilities discovered by CERT affect the following services:
- Extended Security Updates (ESU) for legacy Microsoft products
- Microsoft Developer Tools
- Microsoft System Center
Which Microsoft users are vulnerable
The vulnerabilities affect personal and enterprise users. IT administrators and security teams are at risk too.
What can the vulnerabilities do
The CERT In report says that the vulnerabilities could allow attackers to execute remote code, gain elevated privileges, access sensitive information, bypass security restrictions, conduct spoofing attacks and cause denial-of-service (DoS) conditions.
These activities can lead to several cybersecurity risks such as data theft, ransomware attacks, affecting system stability and more disruptions.
What should you do to secure your PC
In order to secure the systems from cyberattacks, the government agency advises all private and enterprise users to install Microsoft’s latest security patches as soon as possible. Keep an eye on the latest Windows Update releases and install them at the earliest. Users on other platforms should update their Microsoft Apps to secure their data. IT teams and system administrators should keep their antivirus and malware detection systems up to date.