Microsoft Word
Moderate fix1 remedy
cpe:2.3:a:microsoft:word:*:*:*:*:*:*:*
Moderate fix1 remedy
Microsoft Office Type Confusion Vulnerability Leading to Remote Code Execution
Vulnerability
Patched
A type confusion vulnerability has been identified in Microsoft Office, allowing an unauthorized attacker to execute code locally. This issue arises from the access of a resource using an incompatible type. The vulnerability is present in several Microsoft Office products, including Outlook and Word, and affects multiple versions.
Impact
Exploitation of this vulnerability allows for remote code execution.
Remediation
Users can download the security update for Microsoft Word 2016 (32-bit and 64-bit editions) from the Microsoft Update Catalog. For Microsoft Office LTSC 2021 and 2024 (both 32-bit and 64-bit editions), the security update is also available through the Microsoft Update Catalog. Microsoft 365 Apps for Enterprise users can download the security update via the Microsoft Update mechanism. SharePoint Server users can find the security update on the Microsoft Update Catalog.
Added: Jun 9, 2026, 7:03 PM
Updated: Jun 9, 2026, 7:03 PM
Vulnerability Rating
Custom Algorithm
spread
9.0impact
10.0exploitability
3.7remediation
7.7relevance
9.4threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.