CVE-2026-40420
Microsoft · Office
A use-after-free vulnerability in Microsoft Office allows authorized local attackers to elevate privileges.
Executive summary
A high-severity use-after-free vulnerability in Microsoft Office enables authorized local attackers to achieve privilege escalation.
Vulnerability
This is an improper access control vulnerability in Microsoft Office Click-To-Run (C2R) that allows an authorized local attacker to elevate privileges on an affected host.
Business impact
With a CVSS score of 8.8, this vulnerability allows a local attacker to escalate their privileges, potentially gaining full control over the workstation. This could lead to unauthorized access to sensitive user data and provide a foothold for further malicious activities on the local system.
Remediation
Immediate Action: Apply the Microsoft security update referenced in the Microsoft CVE-2026-40420 Advisory without delay.
Proactive Monitoring: Monitor for unusual system behaviors or unauthorized privilege elevation attempts on workstations where Microsoft Office is installed.
Compensating Controls: Enforce strict user permission policies to minimize the potential impact of local privilege escalation.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Security teams must prioritize deployment of this update. Patching is critical to neutralize the threat of privilege escalation and to protect organizational endpoints from unauthorized local exploitation.