According to CERT-In, the threat involves a serious vulnerability in the Windows Desktop Window Manager.

New Delhi: The Indian government has issued a high-severity security alert for Microsoft Windows and other Microsoft products, warning millions of users about an active vulnerability that could expose systems to hacking attacks.
The advisory, released by the Indian Computer Emergency Response Team (CERT-In) in January 2026, highlights a critical flaw affecting Windows 11, Windows 10 and Microsoft Office products, widely used across personal and business environments.
Also Read
According to CERT-In, the threat involves a serious vulnerability in the Windows Desktop Window Manager.
“An information disclosure vulnerability (CVE-2026-20805) exists in the Windows Desktop Window Manager (DWM). An authenticated local attacker could exploit this vulnerability to gain access to sensitive information."
Microsoft has also acknowledged the urgency of the threat, stating, “this vulnerability (CVE-2026-20805) is being exploited in the wild. Users are advised to apply patches immediately."
The warning suggests the flaw is already being actively abused, prompting authorities to urge users to update their operating systems and Microsoft software without delay.
Microsoft Security Issue: Who is at risk?
CERT-In said the vulnerability affects multiple Microsoft products, including:
- Microsoft Office
- Windows
- Extended Security Updates (ESU)
- Azure
- Developer Tools
- SQL Server
Users have been advised to install the latest security patches and updates immediately to reduce the risk of compromise.
Published: 17 Jan 2026, 11:03 am IST
Related Topics
Subscribe to our Newsletter
Get Latest Mathrubhumi Updates in English
Disclaimer: Kindly avoid objectionable, derogatory, unlawful and lewd comments, while responding to reports. Such comments are punishable under cyber laws. Please keep away from personal attacks. The opinions expressed here are the personal opinions of readers and not that of Mathrubhumi.

