
The Indian Computer Emergency Response Team (CERT-In) has recently issued a high-risk security advisory concerning multiple vulnerabilities in Microsoft products. These vulnerabilities, if exploited, could allow attackers to gain elevated privileges, access confidential data, bypass security mechanisms, execute remote code, or initiate denial-of-service (DoS) and spoofing attacks. (cert-in.org.in)
Affected Products and Services
The vulnerabilities impact a broad spectrum of Microsoft services and tools, including:
- Microsoft Windows: Various versions of Windows 10 and Windows 11 are susceptible to these vulnerabilities, potentially allowing remote code execution and security bypasses. (dqindia.com)
- Microsoft Office: Applications such as Word, Excel, and PowerPoint are at risk, necessitating caution when handling Office files. (dqindia.com)
- Microsoft Azure: The cloud computing platform is also affected, highlighting the importance of securing cloud-based resources. (dqindia.com)
- Microsoft Dynamics: This enterprise resource planning (ERP) solution is part of the list of vulnerable products. (dqindia.com)
- Developer Tools: Tools used for software development are included in the advisory, urging developers to stay informed about updates. (dqindia.com)
- Microsoft Edge: The web browser may also be affected, as indicated by the broad category of services mentioned in the advisory. (dqindia.com)
Among the critical vulnerabilities identified are:
- CVE-2025-29824: An elevation of privilege vulnerability in the Windows Common Log File System (CLFS) Driver, which could allow an attacker to gain SYSTEM-level privileges on affected devices. This vulnerability is being exploited in the wild. (cert-in.org.in)
- CVE-2025-26663 and CVE-2025-26670: Unauthenticated remote code execution vulnerabilities in the Windows Lightweight Directory Access Protocol (LDAP) client, caused by use-after-free errors. Exploitation requires an attacker to win a race condition via specially crafted requests sent to a vulnerable LDAP server. (cert.europa.eu)
- CVE-2025-27480 and CVE-2025-27482: Remote code execution vulnerabilities in Windows Remote Desktop Services (RDP). An attacker must connect to a system with the Remote Desktop Gateway role and trigger a race condition to create an exploitable use-after-free scenario. (cert.europa.eu)
- CVE-2025-29791, CVE-2025-27749, CVE-2025-27748, CVE-2025-27745, and CVE-2025-27752: Remote code execution flaws in Microsoft Office and Excel applications that could be exploited by a bad actor using a specially crafted Excel document, resulting in full system control. (cert.europa.eu)
CERT-In urges IT administrators, cybersecurity teams, and general users to act promptly by:
- Applying Security Updates: Install the latest security patches released by Microsoft in its May 2025 update to mitigate potential risks. (cert-in.org.in)
- Restricting Access: Limit access to affected services, such as RDP and LDAP, to only trusted sources. (cert.europa.eu)
- Monitoring Systems: Monitor systems regularly for unusual activity and keep all systems up to date to avoid potential exploitation.
The advisory serves as a crucial reminder for organizations and individuals to remain vigilant and proactive in maintaining cybersecurity hygiene. By promptly applying security updates and adhering to best practices, users can significantly reduce the risk of exploitation from these vulnerabilities.
Source: Mint https://www.livemint.com/technology...ft-vulnerabilities-report-11748268264487.html