CVE-2026-45456
Microsoft · Office
A type confusion vulnerability in Microsoft Office allows an unauthorized attacker to execute arbitrary code locally on an affected system.
Executive summary
A type confusion vulnerability in Microsoft Office permits unauthorized local code execution, presenting a critical risk to user workstations.
Vulnerability
The vulnerability is a type confusion flaw where the application accesses a resource using an incompatible type. This allows an unauthorized attacker to execute code locally, typically by tricking a user into opening a specially crafted malicious document.
Business impact
With a CVSS score of 8.4, this vulnerability presents a high risk of system compromise. If successfully exploited, an attacker could gain the same privileges as the logged-in user, leading to data exfiltration, installation of malware, or further lateral movement within the corporate network.
Remediation
Immediate Action: Install the latest security patches for Microsoft Office through Windows Update or the Microsoft 365 update channel.
Proactive Monitoring: Implement email filtering solutions to block suspicious attachments and monitor for unusual process spawning from Office applications.
Compensating Controls: Disable macros and enable Attack Surface Reduction (ASR) rules to prevent Office applications from creating child processes or executing suspicious code.
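The "monitor for unusual process spawning from Office applications" advice above, turned into a minimal detection check as an added example (not part of the original advisory): it parses constructed Sysmon-style ProcessCreate records, ignores children an Office application is expected to spawn, and rates script hosts and living-off-the-land binaries as the highest-severity case. The parent, allow and suspicious lists and the log format are assumptions for illustration and should be tuned to your own telemetry.

```python
import re
from dataclasses import dataclass

# Office binaries whose child processes should be reviewed (names are the standard Office executables).
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe", "msaccess.exe"}
# Children Office legitimately spawns in this constructed environment (an assumption; tune per estate).
EXPECTED_CHILDREN = {"splwow64.exe", "officeclicktorun.exe"}
# Script hosts and living-off-the-land binaries: a child from this set is the highest-severity case.
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe",
                       "mshta.exe", "rundll32.exe", "regsvr32.exe", "certutil.exe"}

@dataclass
class Alert:
    parent: str
    child: str
    command_line: str
    severity: str

def parse_event(line: str) -> dict:
    """Parse a key="value" record (Sysmon-style, constructed format) into a dict."""
    return dict(re.findall(r'(\w+)="([^"]*)"', line))

def classify(event: dict):
    """Return an Alert when an Office process spawns an unexpected child, else None."""
    parent = event.get("ParentImage", "").rsplit("\\", 1)[-1].lower()
    child = event.get("Image", "").rsplit("\\", 1)[-1].lower()
    if parent not in OFFICE_PARENTS or child in EXPECTED_CHILDREN:
        return None
    severity = "high" if child in SUSPICIOUS_CHILDREN else "medium"
    return Alert(parent, child, event.get("CommandLine", ""), severity)

def scan(lines):
    """Apply the check to ProcessCreate records only; other event types are ignored."""
    events = (parse_event(line) for line in lines)
    creates = (e for e in events if e.get("EventType") == "ProcessCreate")
    return [alert for alert in map(classify, creates) if alert is not None]

# Constructed sample telemetry (not real logs): a script host under Word, a benign print helper
# under Excel, a shell under Explorer, an odd but non-script child under Outlook, a non-process event.
SAMPLE_LOG = [
    r'EventType="ProcessCreate" ParentImage="C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE" Image="C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" CommandLine="powershell.exe -WindowStyle Hidden -File C:\Users\alice\AppData\Local\Temp\update.ps1"',
    r'EventType="ProcessCreate" ParentImage="C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE" Image="C:\Windows\splwow64.exe" CommandLine="splwow64.exe"',
    r'EventType="ProcessCreate" ParentImage="C:\Windows\explorer.exe" Image="C:\Windows\System32\cmd.exe" CommandLine="cmd.exe"',
    r'EventType="ProcessCreate" ParentImage="C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE" Image="C:\Windows\System32\notepad.exe" CommandLine="notepad.exe invoice.txt"',
    r'EventType="NetworkConnect" Image="C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE" DestinationIp="10.0.0.5"',
]
```

Running `scan(SAMPLE_LOG)` yields two alerts: a high-severity one for PowerShell under WINWORD.EXE and a medium one for Notepad under OUTLOOK.EXE; the print helper, the Explorer-launched shell and the network event produce nothing.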
Exploitation status
Public Exploit Available: false
Analyst recommendation
Because this vulnerability allows local code execution, it is imperative that all Microsoft Office installations be updated immediately. Security teams should also ensure that all users operate under the principle of least privilege, so that a successful exploit gains no more than the rights of an ordinary user account.