A recent security alert issued by the Indian government’s Computer Emergency Response Team (CERT-In) has raised concerns about multiple vulnerabilities detected in various Microsoft products. The advisory, labeled CIAD-2023-0028 and dated August 09, 2023, flags the vulnerabilities’ severity as high, indicating potential user risks. Issues like this could be the reason why the Defence Ministry of India decided to switch from Windows to ‘Maya’ OS.
The table below provides an overview of the affected products, their severity levels, and potential impacts:
The impacted software includes widely-used Microsoft products such as Windows, Exchange Server, Teams, Office, Azure, and Developer Tools. These vulnerabilities open the door for various malicious activities, including gaining elevated privileges, extracting sensitive information, executing remote code attacks, evading security measures, perpetrating spoofing attacks, and potentially causing denial of service disruptions.
The CERT-In advisory emphasizes the urgency of addressing these vulnerabilities. Users are urged to stay proactive by:
- Applying necessary security updates promptly.
- Prioritizing software updates for Microsoft products.
- Be cautious with unsolicited messages and email attachments.
- Implementing strong passwords and enabling multi-factor authentication.
via DNA India