The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk advisory concerning multiple critical vulnerabilities identified in various Microsoft products. These flaws, if exploited, could grant attackers unauthorized access to systems, leading to data breaches, remote code execution, and potential system disruptions.
Scope of Affected Products
The vulnerabilities impact a broad spectrum of Microsoft software and services, including:
- Operating Systems: Windows 10, Windows 11, and Windows Server editions.
- Productivity Suites: Microsoft Office applications such as Word, Excel, PowerPoint, and SharePoint.
- Database Management: Microsoft SQL Server.
- Cloud Services: Microsoft Azure.
- Development Tools: Visual Studio and related developer tools.
- Virtualization Platforms: Windows Hyper-V.
Among the identified vulnerabilities, several are particularly severe:
- CVE-2025-49719: An information disclosure vulnerability in Microsoft SQL Server, rated with a CVSS score of 7.5. This flaw arises from improper input validation, allowing unauthenticated attackers to access data from uninitialized memory.
- CVE-2025-49695 and CVE-2025-49696: Remote code execution vulnerabilities in Microsoft Office, each with a CVSS score of 8.4. These issues can be exploited through specially crafted Office files, potentially leading to arbitrary code execution without user interaction, as the Preview Pane can trigger the exploit.
- CVE-2025-47981: A critical remote code execution vulnerability in the SPNEGO Extended Negotiation (NEGOEX) Security Mechanism, with a CVSS score of 9.8. Exploitation could allow an unauthenticated attacker to execute arbitrary code by sending a malicious message to the server.
- CVE-2025-48822: A remote code execution vulnerability in Windows Hyper-V Discrete Device Assignment (DDA), rated with a CVSS score of 8.6. This flaw can be triggered if a user imports a malicious INF file, potentially compromising virtualized environments.
Exploitation of these vulnerabilities could lead to:
- Data Breaches: Unauthorized access to sensitive information.
- System Compromise: Execution of arbitrary code, leading to full system control by attackers.
- Service Disruptions: Denial-of-service conditions causing system crashes or unavailability.
- Propagation of Malware: Deployment of ransomware or other malicious software.
To mitigate the risks associated with these vulnerabilities, CERT-In advises the following actions:
- Immediate Patching: Apply the latest security updates released by Microsoft as part of the July 2025 Patch Tuesday.
- Prioritize Critical Systems: Focus on updating public-facing and critical assets to minimize exposure.
- Restrict Access: Limit access to affected services, such as Remote Desktop Protocol (RDP) and Lightweight Directory Access Protocol (LDAP), to trusted sources only.
- Monitor Systems: Regularly check for unusual activity and apply best practices in access management and endpoint security.
- User Education: Inform users about the risks of opening unsolicited emails or files, especially those from unknown sources.
The issuance of this high-risk advisory by CERT-In underscores the critical nature of the identified vulnerabilities within Microsoft products. Prompt action in applying security patches and adhering to recommended security practices is essential to safeguard systems against potential exploits.
Source: digit.in, "Microsoft users beware! Govt issues high-risk alerts over critical security flaws in Windows, Office, and more"