CVE-2026-45461
Microsoft · Office
A heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute arbitrary code locally.
Executive summary
A critical heap-based buffer overflow vulnerability in Microsoft Office enables local code execution, posing a severe threat to workstation and server security.
Vulnerability
The vulnerability is a heap-based buffer overflow within Microsoft Office that an unauthorized attacker can trigger locally. Successful exploitation results in execution of arbitrary code in the context of the current user.
Business impact
The CVSS score of 8.4 indicates a high level of risk, primarily due to the potential for full system compromise. If exploited, an attacker could gain persistent access to the local machine, facilitate lateral movement within the network, and access sensitive documents or credentials stored on the host.
Remediation
Immediate Action: Deploy the latest security updates provided by Microsoft via Windows Update or your organization’s patch management system.
Proactive Monitoring: Utilize Endpoint Detection and Response (EDR) tools to monitor for suspicious child processes spawned by Microsoft Office applications.
Compensating Controls: Implement file-based security policies that restrict the opening of untrusted documents and utilize Application Control to prevent unauthorized execution.
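As an added example (not part of this advisory or of any Microsoft tooling), the monitoring control above written as a small detector: it reads process-creation events, keeps a per-host process table, and raises an alert when a script host or similar binary descends from an Office application, including grandchildren such as WINWORD.EXE -> cmd.exe -> powershell.exe. The Office and child-image lists, the log format and the sample events are all assumptions constructed for the example.

```python
import ntpath
from collections import namedtuple

# Assumed lists (an editorial choice, not from the advisory): Office parents to
# watch, and child images that are rarely legitimate when spawned from a document.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe",
                       "mshta.exe", "rundll32.exe", "regsvr32.exe", "certutil.exe"}

# Constructed sample process-creation events (not real EDR output), one per
# line in creation order: timestamp|host|user|ppid|parent_image|pid|image
SAMPLE_LOG = r"""
2026-01-10T09:11:50Z|WS01|alice|1200|C:\Windows\explorer.exe|4400|C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
2026-01-10T09:12:01Z|WS01|alice|4400|C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE|4412|C:\Windows\System32\cmd.exe
2026-01-10T09:12:02Z|WS01|alice|4412|C:\Windows\System32\cmd.exe|4420|C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
2026-01-10T09:15:40Z|WS02|bob|5090|C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE|5100|C:\Windows\splwow64.exe
2026-01-10T09:20:03Z|WS03|carol|1300|C:\Windows\explorer.exe|6001|C:\Windows\System32\cmd.exe
"""

Alert = namedtuple("Alert", "ts host user office_ancestor child depth")

def _name(path):
    return ntpath.basename(path).lower()

def detect(log_text, max_depth=3):
    # Alert on processes whose ancestry (up to max_depth) leads back to Office;
    # depth 1 = direct child, 2 = grandchild (e.g. Office -> cmd -> powershell).
    procs = {}  # (host, pid) -> (image name, ppid), used for ancestry walks
    alerts = []
    for raw in log_text.strip().splitlines():
        ts, host, user, ppid, parent, pid, image = raw.strip().split("|")
        procs[(host, int(pid))] = (_name(image), int(ppid))
        # Also record the parent, in case its own creation event was not logged.
        procs.setdefault((host, int(ppid)), (_name(parent), None))
        child = _name(image)
        if child not in SUSPICIOUS_CHILDREN:
            continue
        ancestor_pid, depth = int(ppid), 1
        while ancestor_pid is not None and depth <= max_depth:
            ancestor = procs.get((host, ancestor_pid))
            if ancestor is None:
                break
            if ancestor[0] in OFFICE_PARENTS:
                alerts.append(Alert(ts, host, user, ancestor[0], child, depth))
                break
            ancestor_pid, depth = ancestor[1], depth + 1
    return alerts
```

On the sample, the explorer.exe-launched cmd.exe and the EXCEL.EXE-spawned print helper produce no alert, while the direct cmd.exe child and the powershell.exe grandchild of WINWORD.EXE do.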
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability presents a significant risk to endpoint integrity. Administrators must prioritize the deployment of security patches across all affected Microsoft Office installations to prevent potential local code execution attacks.