The Indian government has issued a high-severity cybersecurity alert for millions of Windows users across the country, warning of a critical vulnerability affecting Windows 10, Windows 11, and several Microsoft products. The advisory comes amid growing concerns over active cyber exploitation, forcing authorities to urge users and businesses to take immediate action.
According to the Indian Computer Emergency Response Team (CERT-In), the latest security flaw could expose sensitive user data and increase the risk of hacking attacks, ransomware incidents, and system compromise. The warning was officially released in January 2026, highlighting that the threat is already being actively exploited.
CERT-In revealed that a newly discovered vulnerability in Microsoft software has put millions of Windows PCs, laptops, and enterprise systems at risk. The advisory applies not only to consumer devices but also to critical enterprise infrastructure widely used by businesses, developers, and IT teams.
The agency stressed that delaying updates could leave systems exposed to cybercriminals, especially as attackers are actively targeting unpatched machines.
The CERT-In advisory specifically mentions:
“An information disclosure vulnerability (CVE-2026-20805) exists in the Windows Desktop Window Manager (DWM). An authenticated local attacker could exploit this vulnerability to gain access to sensitive information."
This vulnerability affects how Windows manages visual elements and system processes, making it possible for attackers with local access to extract confidential data.
Microsoft has confirmed the severity of the situation, stating:
“This vulnerability (CVE-2026-20805) is being exploited in the wild. Users are advised to apply patches immediately."
This confirmation indicates that cybercriminals are already taking advantage of the flaw, increasing the urgency for users to update their systems without delay.
According to the government advisory, the following Microsoft products are vulnerable:
Microsoft Office
Windows (latest and legacy versions)
Extended Security Updates (ESU)
Azure
Developer Tools
SQL Server
Both individual users and enterprises are impacted, particularly organizations running cloud services, databases, or large-scale Windows deployments.
CERT-In warns that the flaw could be exploited to:
Steal sensitive information
Launch ransomware attacks
Compromise enterprise networks
Escalate privileges within systems
The advisory also notes that IT administrators, security teams, and system managers are especially vulnerable due to their access to high-value systems.
Microsoft has already released security patches to address the issue. Users are strongly advised to:
Go to Settings → Windows Update
Enable automatic updates
Install the latest security patches
Restart the system to complete installation
Keeping systems updated remains the most effective defense against active cyber threats.
Windows remains the most widely used desktop operating system globally, making it a prime target for cybercriminals. Vulnerabilities like CVE-2026-20805 highlight the increasing sophistication of cyber threats and the need for proactive cybersecurity hygiene.
With remote work, cloud services, and digital payments becoming mainstream, even a single unpatched system can become an entry point for large-scale cyber attacks.
The latest CERT-In alert serves as a critical reminder that cybersecurity threats are evolving rapidly. With Microsoft confirming that the vulnerability is already being exploited, Windows and Office users must act immediately. Installing updates, enabling automatic patches, and following best security practices can significantly reduce the risk of data theft and system compromise.
Ignoring such warnings could lead to severe financial, personal, and operational losses.