CVE-2026-35436

Microsoft · Office

A use-after-free vulnerability in Microsoft Office allows authorized local attackers to elevate privileges.

Executive summary

A high-severity use-after-free vulnerability in Microsoft Office enables authorized local attackers to achieve privilege escalation.

Vulnerability

This is an improper access control vulnerability in Microsoft Office Click-To-Run (C2R) that allows an authorized local attacker to elevate privileges on an affected host.

Business impact

With a CVSS score of 8.8, this flaw lets an attacker who already has local access to a host gain higher-level permissions, potentially leading to full compromise of that system. A successful exploit could result in the theft of sensitive data or the installation of persistent malicious software on the host.

Remediation

Immediate Action: Apply the Microsoft security update referenced in the official Microsoft CVE-2026-35436 advisory without delay.

Proactive Monitoring: Monitor local system logs for unusual process execution or attempts to modify system files by standard user accounts.

Compensating Controls: Enforce the principle of least privilege by limiting the administrative rights of standard users on shared workstations.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Administrators should prioritize deploying the latest security updates for all versions of Microsoft Office listed. Given the potential for privilege escalation, patching is essential to maintain the security posture of the endpoint environment.