New flaw in Windows lets hackers access sensitive info
The flaw affects multiple versions of Windows

Nov 17, 2025, 05:23 pm

What's the story

India's Computer Emergency Response Team (CERT-In) has issued a high-severity alert for a remote code execution vulnerability in Microsoft Graphics Components (GDI+). The flaw, tracked as CVE-2025-60724, affects multiple versions of Windows and Microsoft Office. CERT-In warns that the vulnerability could allow attackers to execute arbitrary code or access sensitive information on targeted systems.

Impact scope

Vulnerability affects multiple Windows and Office versions

The vulnerability impacts several generations of Windows, from Server 2008 to the latest builds of Windows 11 and Server 2025. It affects both 32-bit and 64-bit systems. Microsoft Office LTSC for Mac (2021 and 2024) and Microsoft Office for Android are also among the affected products. CERT-In warns that all end-user organizations and individuals using Microsoft's graphics rendering components may be at risk.

Exploitation method

Flaw exploited through specially crafted metafiles

The flaw is a heap-based buffer overflow in Microsoft Graphics Components. An attacker can exploit it by convincing a user to download and open a document with a specially crafted metafile. When processed, the malicious file could trigger the overflow, enabling remote execution of harmful code. CERT-In classifies this risk as high, urging immediate attention from organizations and users alike.

Security risk

Remote code execution poses significant security threat

The main impact of the vulnerability is remote code execution, which could let attackers take control of a device, manipulate data, or expand access within an organization's network. CERT-In also highlights the possibility of information disclosure as an additional threat. The widespread use of Windows graphics processing libraries in consumer and enterprise environments makes this vulnerability a major security concern if not patched.

Information

CERT-In advises immediate patch application

CERT-In recommends that users and administrators apply the patches released by Microsoft. The security updates addressing CVE-2025-60724 can be accessed through Microsoft's update guide. The advisory is a reminder of the importance of keeping software updated to protect against security vulnerabilities.