Primary

Context

Microsoft Office Word Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in Microsoft Office Word. This issue arises from an incorrect conversion between numeric types, allowing an unauthorized attacker to execute code locally. The vulnerability affects multiple versions of Microsoft Word, as well as other Microsoft Office products and SharePoint servers.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected system.

Remediation

Users can apply the security update available through the Microsoft Update Catalog. Instructions for downloading this update can be found on the Microsoft Office Update Guidance page.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Office Word Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating