The Indian Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics and Information Technology (MeitY), has recently issued a critical advisory highlighting multiple high-risk vulnerabilities across various Microsoft products. These vulnerabilities pose significant threats, including potential system compromise, data exfiltration, ransomware attacks, and system crashes.
Scope of Affected Products
The advisory identifies several Microsoft products susceptible to these vulnerabilities:
- Microsoft Windows
- Extended Security Updates (ESU) for legacy Microsoft products
- Microsoft Azure
- Microsoft Developer Tools
- Microsoft Office
- Microsoft Apps
- Microsoft System Center
- Microsoft Dynamics
CERT-In's advisory outlines that these vulnerabilities could enable attackers to:
- Gain elevated privileges
- Obtain sensitive information
- Bypass security restrictions
- Execute remote code
- Conduct spoofing attacks
- Cause denial of service (DoS) conditions
Among the vulnerabilities reported, several are particularly critical:
- CVE-2025-29824: A use-after-free vulnerability in the Windows Common Log File System (CLFS) with a CVSS score of 7.8. Successful exploitation gives an attacker SYSTEM privileges on a compromised Windows machine. This vulnerability has been exploited in the wild. (cert.europa.eu)
- CVE-2025-26663 and CVE-2025-26670: Unauthenticated Remote Code Execution (RCE) vulnerabilities in the Windows Lightweight Directory Access Protocol (LDAP), each with a CVSS score of 8.1. To exploit them, an attacker must win a race condition by sending specially crafted requests to a vulnerable LDAP server. (cert.europa.eu)
- CVE-2025-27480 and CVE-2025-27482: RCE vulnerabilities in Windows Remote Desktop Services (RDP), both with a CVSS score of 8.1. Exploitation involves an attacker connecting to a system with the Remote Desktop Gateway role and triggering a race condition to create an exploitable use-after-free scenario. (cert.europa.eu)
- CVE-2025-27745, CVE-2025-27748, CVE-2025-27749, CVE-2025-27752, and CVE-2025-29791: Remote code execution flaws in Microsoft Office and Excel applications, each with a CVSS score of 7.8. Exploitation can occur through specially crafted Excel documents, potentially resulting in full system control. (cert.europa.eu)
To mitigate these risks, CERT-In recommends the following actions:
- Immediate Updates: Apply the latest security patches provided by Microsoft to address these vulnerabilities.
- Prioritize Critical Systems: Focus on updating critical devices and public-facing assets to minimize exposure.
- Restrict Access: Limit access to affected services, such as RDP and LDAP, to only trusted sources to reduce potential attack vectors.
This advisory aligns with global cybersecurity trends, where national and international agencies have been issuing similar warnings. For instance, the European Union's CERT-EU released a security advisory in April 2025, detailing critical vulnerabilities in Microsoft products and recommending prompt updates. (cert.europa.eu)
Additionally, cybersecurity firms like CrowdStrike have analyzed Microsoft's April 2025 Patch Tuesday, highlighting 121 vulnerabilities, including one actively exploited zero-day and 11 critical vulnerabilities. (crowdstrike.com)
Conclusion
The issuance of this high-risk warning by CERT-In underscores the critical importance of maintaining up-to-date systems and implementing robust security measures. Organizations and individual users must remain vigilant, promptly apply security patches, and adhere to best practices to safeguard against potential cyber threats.
Source: GujaratSamachar English, "MeitY’s CERT-In issues ‘high risk’ warning for Microsoft users"