The Indian Emergency Computer Response Team (CERT-In) has released an alert for users running Windows 10 and Windows 11, urging them to update their operating systems without delay. The advisory highlights a risk of sensitive data exposure caused by a flaw related to memory handling within the system.

CERT-In cautioned that a core technical component of the Windows operating system could endanger the safety of personal and organizational data. Both individual users and enterprises have been asked to remain alert and take immediate action to reduce potential security threats.

As per CERT-In, the weakness exists in the Desktop Window Manager, a system feature responsible for managing desktop visuals such as animations, layout rendering, and other graphical effects. Due to improper management of certain memory objects, this component may become vulnerable. Cyber attackers could misuse this loophole to access confidential data stored in system memory. While attackers do not gain full control of the desktop environment, the flaw could still be exploited to launch large-scale cyber intrusions.

The alert affects multiple Windows releases currently in circulation. The vulnerability has been identified in Windows 10 versions 1607, 1809, 21H2, and 22H2, as well as Windows 11 versions 23H2 and 24H2. CERT-In has rated the seriousness of the issue as moderate.

To address the risk, CERT-In has strongly recommended installing the latest security patches at once. Software updates issued by Microsoft are already available and are designed to resolve this security weakness.