If you use Windows or Microsoft Edge, there’s an important update you shouldn’t ignore.
India’s cybersecurity agency, CERT-In, has flagged two high-risk vulnerabilities in several Microsoft products.
These include Windows 10, Windows 11, Microsoft Edge, and even Microsoft Office on Android and Mac.
These security flaws could allow attackers to run harmful code on your device.
In some cases, all it takes is opening a malicious file or visiting a compromised website.
What Are the Vulnerabilities?
CERT-In highlights two main issues:
1. Remote Code Execution Bug in Microsoft Graphics Component (GDI+)
This affects Windows 10, Windows 11, older Windows Server versions, and Microsoft Office LTSC for Mac and Office for Android.
The flaw is a heap-based buffer overflow.
In simple terms, opening a specially crafted malicious document could let attackers take control of your system, putting your data and privacy at risk.
2. Critical Security Issue in Microsoft Edge (Chromium-Based)
This affects Edge versions older than 142.0.3595.80.
The problem is in V8, the JavaScript engine used by Edge.
A hacker could execute code remotely by sending a specially crafted request to your browser.
Since Edge is integrated with Windows, using an outdated version can expose your system to serious risks.
What You Should Do
The solution is straightforward: update your software immediately.
Windows users should install the latest security updates from Microsoft.
The official patch for the Graphics Component vulnerability is listed as CVE-2025-60724 on the Microsoft Security Update Guide.
Edge users should ensure they are using the latest version to stay protected.
Keeping your system and browser updated is the fastest way to prevent attacks and protect your personal data.
