The Indian Computer Emergency Response Team (CERT-In), the cyber security agency of the Indian government, issued a critical security alert for Windows and Microsoft Office users in July 2025.
Windows Users: CERT-In issued a serious cyber security alert in July 2025 for users of several software, including Microsoft Windows and Microsoft Office. This warning is extremely important for the millions of users who use Windows and other Microsoft products on their personal and professional systems.
CERT-In has classified this alert as 'High Severity'. This means that hackers can easily steal your personal information, gain control of your system, or cause significant damage by exploiting this vulnerability.
Why was this alert issued?
According to the report issued by CERT-In, serious vulnerabilities have been found in several Microsoft products. By exploiting these flaws, cyber attackers can gain remote access to users' systems. Through this, they can steal your important files, encrypt data, damage the system, or bypass security measures.
The biggest threat from these vulnerabilities is to companies, institutions, and government departments that rely on Microsoft products for their business and data.
What threats are mentioned in the CERT-In report?
In the government's report, hackers can perform the following actions in the Microsoft products where vulnerabilities have been identified:
- Gain full control of the system.
- Steal sensitive information.
- Run remote code and damage the system.
- Bypass system security.
- Shut down servers or networks.
- Cause damage by creating fake identities through spoofing attacks.
- Tamper with system settings.
These vulnerabilities can have the greatest impact on the corporate sector, government agencies, and large IT companies, but the systems of ordinary users are also at risk.
Which users are at risk?
According to CERT-In, users who have the following Microsoft products or services should be alert immediately:
- Microsoft Windows (all versions)
- Microsoft Office (Word, Excel, PowerPoint, etc.)
- Microsoft Dynamics 365
- Microsoft Edge and other browsers
- Microsoft Azure (Cloud Services)
- SQL Server
- System Center
- Developer Tools
- Older Microsoft services receiving ESU (Extended Security Updates)
Users who use cloud-based services and business solutions are particularly targeted by this threat.
What steps has Microsoft taken?
Microsoft, acknowledging these vulnerabilities, has released security patches and updates to provide relief to users. The company says that these vulnerabilities have not been widely exploited yet, but the threat still persists. Microsoft has advised all users to:
- Update their operating systems and applications to the latest versions.
- Keep automatic updates on.
- Restart the system after installing security patches.
- Do not open suspicious emails or links.
- Use b passwords and two-factor authentication.
Important precautions for users
- Keep your Windows and Office software updated regularly.
- Do not open attachments from unknown websites or emails.
- Use a reliable antivirus and firewall.
- Users associated with banking, finance, and cloud data storage should exercise extra caution.
Today, millions of people and companies are using Windows and Microsoft Office. Because of this, if any vulnerability comes to light, it can affect the entire system, data, and business. Especially when it comes to cyber security, the consequences of any small mistake can result in significant damage.
