Microsoft Word Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in Microsoft Word. This issue is present in several different versions of the application, including Microsoft Office LTSC for Mac 2024, Microsoft Office LTSC 2024 for both 64-bit and 32-bit editions, Microsoft Office LTSC for Mac 2021, and Microsoft 365 Apps for Enterprise for both 64-bit and 32-bit systems. The vulnerability arises from an untrusted pointer dereference, which could potentially allow an attacker to execute arbitrary code on the affected system.

Impact

Exploitation of this vulnerability could lead to remote code execution, allowing an attacker to execute arbitrary code on the victim's machine.

Remediation

Users can apply the security update available through the Microsoft Update Catalog or via Click-to-Run for Microsoft 365 Apps for Enterprise. Specific instructions for downloading the update can be found in the release notes linked in the product family section.