Indian Govt, Microsoft Warn Windows Users of Critical Security Risk

• Indian government's CERT-In issued a major security alert for Windows 11 and other Microsoft products.
• A critical information disclosure vulnerability (CVE-2026-20805) in Windows Desktop Window Manager (DWM) is being actively exploited.
• The vulnerability affects Windows (all versions), Microsoft Office, Extended Security Updates (ESU), Azure, Developer Tools, and SQL Server.
• Authenticated local attackers can exploit this flaw to gain access to sensitive information.
• Users are strongly advised to apply security patches immediately by enabling auto-updates and rebooting their systems.

Why It Matters: Windows and Microsoft product users must update immediately to patch a critical, actively exploited security vulnerability.