Recently, the Indian Computer Emergency Response Team (CERT-In), a cybersecurity agency under the Ministry of Electronics and Information Technology (MeitY), issued a high-risk security warning for users of Microsoft products.
According to the announcement, the discovered serious vulnerabilities can affect many popular software such as Windows, Office, Dynamics, SQL Server, System Center, Azure, Browser, Developer Tools, and even older versions.
If exploited, attackers can take special rights, access sensitive data, carry out fake attacks, cause denial of service, install malware remotely and bypass multiple layers of security, according to indianexpress.
Worryingly, CERT-In said that these vulnerabilities not only affect individuals but also threaten the systems of organizations and businesses. In the worst case scenario, hackers can take control, steal data, crash the system or deploy ransomware attacks, which are an increasingly popular form of malware blackmail.
Faced with this risk, Microsoft recommends that all users and IT system administrators quickly install the latest security patch to fix the vulnerability.
In addition, cybersecurity experts propose limiting administrators' rights, implementing multi-factor authentication, maintaining a backup system and regularly monitoring network activities to detect unusual behavior early.
In addition to Microsoft, CERT-In also gave a separate note to Google Chrome users on December 7, regarding a vulnerability that could allow attackers to execute arbitrary code remotely. This warning applies to both individual and institutional users.
Experts say that in the context of increasingly sophisticated cybercrime, timely updating of security patches is a key factor in helping to reduce the risk of system attack, protecting important data against large-scale cyber attacks.
