Written By Divya
Published By: Divya | Published: Nov 20, 2025, 06:29 PM (IST)
Microsoft Windows users have a new security issue to watch out for. CERT-In, the Indian government’s cybersecurity agency, has issued a high-severity warning about a flaw that affects multiple versions of Windows 10 and Windows 11 – including some of the latest Windows 11 builds.
The issue sits deep inside the Windows kernel, which is the core part of the operating system that handles everything from memory to hardware communication. According to CERT-In, the vulnerability comes from a race condition, meaning the system fails to properly manage multiple processes trying to use the same shared resource at the same time.
If an attacker already has low-level access to the system, they can exploit this flaw to gain higher privileges. In simple words, someone who has limited access could escalate to full administrator rights – giving them the power to manipulate data, install malware, disrupt services, or completely take over the device.
The list is long. CERT-In says the vulnerability impacts:
CERT-In also notes that enterprises should double-check build numbers, since LTSC and other channels may have different update paths.
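For admins who want to script that build-number check, here is an added example (not from CERT-In or Microsoft) that reads the build, update revision (UBR) and edition from the registry and compares them against a minimum patched revision per build. The function names and the `$MinPatchedUbr` table are assumptions for illustration, and the table holds placeholder values that must be filled in from Microsoft's update guidance for this advisory.

```powershell
# Added example: report the Windows build and servicing channel, then compare
# the update revision (UBR) against the first patched revision for that build.
# The entries in $MinPatchedUbr are PLACEHOLDERS, not real patch levels.
# Replace them with the build/UBR pairs published by Microsoft for this fix.
$MinPatchedUbr = @{
    '00000' = 0   # placeholder: '<build number>' = <first patched UBR>
}

function Get-WindowsBuildInfo {
    # Build, UBR and edition all live under this well-known registry key.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        Edition      = $cv.EditionID                      # LTSC reports EnterpriseS / IoTEnterpriseS
        IsLtsc       = $cv.EditionID -match 'EnterpriseS'
        Version      = $cv.DisplayVersion                 # e.g. 22H2; empty on older releases
        Build        = [string]$cv.CurrentBuild
        Ubr          = [int]$cv.UBR
    }
}

function Test-BuildPatched {
    param(
        [Parameter(Mandatory)] $Info,
        [Parameter(Mandatory)] [hashtable] $MinUbr
    )
    # A build missing from the table is reported as Unknown rather than
    # assumed safe, so LTSC and other channels are not silently skipped.
    if (-not $MinUbr.ContainsKey($Info.Build)) { return 'Unknown' }
    if ($Info.Ubr -ge $MinUbr[$Info.Build]) { 'Patched' } else { 'NeedsUpdate' }
}

$info = Get-WindowsBuildInfo
$status = Test-BuildPatched -Info $info -MinUbr $MinPatchedUbr
$info | Add-Member -NotePropertyName Status -NotePropertyValue $status
$info | Format-List

# Most recently installed update, for cross-checking against the KB article.
Get-HotFix | Sort-Object InstalledOn -Descending |
    Select-Object -First 1 HotFixID, InstalledOn
```

A status of `Unknown` means the machine's build is not in the table yet, which is the case to look at first on LTSC systems.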
This is a local privilege escalation vulnerability, so attackers can’t exploit it remotely. They need some level of access first – but if they get in, even through another minor flaw or shared device login, they can climb to full system privileges.
For shared PCs, office systems, and especially servers, this can quickly become a major security problem. It can affect system confidentiality, integrity, and availability – essentially every critical part of a machine’s security.
Fortunately, Microsoft has already released security patches. So the fix is simple. Just update your device. To do so,
Keeping your device updated is the best way to stay protected, especially when vulnerabilities involve core Windows components.