Microsoft Office Use-After-Free Vulnerability Allowing Local Code Execution

Vulnerability

A use-after-free vulnerability has been identified in Microsoft Office that allows an unauthorized attacker to execute code locally. It affects several versions of Microsoft Office, including Office 2016, Office 2019, Office 2021, and various editions of Office for Mac and Android. The vulnerability arises from improper memory management: memory is used after it has been freed, and this condition can be exploited to execute arbitrary code.

Impact

Exploitation of this vulnerability could lead to unauthorized local code execution.

Remediation

Users can apply the security update for this vulnerability, which is available through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base article 5002730 for Office 2016, and similar release notes for other affected Office versions.

Added: Jun 10, 2025, 5:42 PM
Updated: Jun 10, 2025, 5:42 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 10.0
exploitability: 4.4
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.