comscore
हिंदी
  • Home
  • News
  • Microsoft Users At High Risk: Indian Govt Recommends Updating Your Devices Now

Microsoft Users At High Risk: Indian Govt Recommends Updating Your Devices Now

The Indian government has warned Windows and Edge users about two high-risk vulnerabilities that allow remote code execution. Here is what you must do.

Published By: Divya | Published: Nov 14, 2025, 11:30 PM (IST)

Windows
  • whatsapp
  • twitter
  • facebook
  • whatsapp
  • twitter
  • facebook

If you’re using Windows or Microsoft Edge, there’s an update you should pay attention to. The Indian government’s cybersecurity agency, CERT-In, has issued a new alert about two high-risk vulnerabilities affecting a long list of Microsoft products – including Windows 10, Windows 11, Microsoft Edge, and even Microsoft Office on Android and Mac. news Also Read: Xbox Cloud Gaming Goes Live In India: How To Play Xbox Games Without A Console

In simple words, these loopholes could let attackers run harmful code on your device. And in some cases, all it takes is opening a malicious file or landing on the wrong website. Here’s a quick look at what’s going on and what you need to do. news Also Read: Using Android 14, 15, Or 16? CERT-In Says Your Phone Might Be At Risk

What the Govt Alert Says

CERT-In has flagged two major issues: news Also Read: Google Chrome Desktop Faces High Risk: Update Immediately, Warns CERT-In

  1. A Remote Code Execution Bug in Microsoft Graphics Component (GDI+)

This one affects several Windows versions – from older Windows Server builds to Windows 10 and the latest Windows 11 releases. Even Microsoft Office LTSC for Mac and Office for Android are on the list.

The problem? A heap-based buffer overflow. Basically, if you open a document that contains a carefully crafted malicious metafile, attackers could run code on your system. That’s enough to put your data and privacy at risk.

  1. A Critical Security Issue in Microsoft Edge (Chromium-Based)

The second warning is for Edge versions older than 142.0.3595.80. CERT-In alerts that the vulnerability lies in V8, the JavaScript engine that powers Edge. According to CERT-In, attackers could remotely execute code by sending a specially crafted request to your browser. Since Edge is tightly integrated with the Windows ecosystem, running an outdated version can expose your system to unnecessary risk.

What You Should Do Now

The fix is simple – update your software right away. If you are a Windows user, then simply install the latest security updates from Microsoft. The official patch for the Graphics Component issue is CVE-2025-60724 on the Microsoft Security Update Guide.

Trending Now

On the other hand, the Microsoft Edge user must check their current version. You can do so by going to the About Microsoft Edge in Settings. If it’s below 142.0.3595.80, update it immediately. Edge usually updates on its own, but it’s worth checking manually.