Volerion logoVolerion
Volerion logoVolerion

Microsoft Office Word Use-After-Free Vulnerability Allowing Local Code Execution

Vulnerability

A use-after-free vulnerability has been identified in Microsoft Office Word. This issue allows an unauthorized attacker to execute code locally on the affected system. The vulnerability arises from improper memory management, which can be exploited to execute arbitrary code.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected system.

Remediation

Users can download the security update for this vulnerability through the Microsoft Update Catalog. For Microsoft Word 2016 (both 32-bit and 64-bit editions), the security update is available as part of the May 2026 security updates. Instructions for downloading the update are provided in the Microsoft Knowledge Base article 5002858. For other affected Microsoft Office products, security updates can be downloaded via the Microsoft Update mechanism or through the Office Update service.

Added: May 12, 2026, 7:42 PM
Updated: May 12, 2026, 7:42 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
7.5
exploitability
3.8
remediation
7.7
relevance
8.1
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.