Microsoft Office, Windows and other business customers are at the risk of hacking owing to multiple vulnerabilities that may have been exploited in the wild.
Microsoft users have been warned about a major security risk by the Indian government that affects its Windows, Office and even the Cloud customers. The alert comes via the Indian Computer Emergency Response Team or CERT-In in March 2025, sharing some worrying details about the security risks that make millions of Windows PCs vulnerable to hacking attacks.
Microsoft Windows And Office Security Risk: What It Says
The CERT-In bulletin clearly details the issues, who might be targeted by the hackers and what they risk because of these vulnerabilities. The high severity rating makes it fairly evident about its seriousness.
Microsoft’s alert says the following products are at risk because of these issues:
– Microsoft Windows
– Extended Security Updates (ESU) for legacy Microsoft products
– Microsoft Developer Tools
– Microsoft Office
– Microsoft Azure
“Multiple vulnerabilities CVE-2025-24983, CVE-2025-24984, CVE-2025-24985, CVE-2025-24991, CVE-2025-24993, CVE-2025-26630 and CVE2025-26633 are reported in Microsoft Windows, which could allow a local attacker to gain elevated privileges, disclose information, perform code execution or bypass security restrictions on the targeted system,” as given in the CERT-In note this week.
The agency also informs that Individuals and IT administrators, security teams responsible for maintaining and updating Microsoft products could be targeted with ransomware attacks or system crashes.
However, the most worrying part of the alert is, “It has been reported that these vulnerabilities are being exploited in the wild,” which means the company is yet to fully understand the issue and if people have been already attacked.
The good news is that Microsoft has already looked into these issues and all these users are being asked to update their systems, software and other tools from the company right away.
