Multiple vulnerabilities in Microsoft Office

Descripción

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Office can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to execute arbitrary code.
3. An information disclosure vulnerability in Microsoft Excel can be exploited remotely to obtain sensitive information.
4. An information disclosure vulnerability in Windows Imaging Component can be exploited remotely to obtain sensitive information.
5. An information disclosure vulnerability in Microsoft Word can be exploited remotely to obtain sensitive information.
6. An elevation of privilege vulnerability in Microsoft AutoUpdate (MAU) can be exploited remotely to gain privileges.
7. A remote code execution vulnerability in Microsoft Office Visio can be exploited remotely to execute arbitrary code.
8. A spoofing vulnerability in Microsoft OfficePlus can be exploited remotely to spoof user interface.
9. A remote code execution vulnerability in Microsoft PowerPoint can be exploited remotely to execute arbitrary code.
10. A remote code execution vulnerability in Microsoft SharePoint can be exploited remotely to execute arbitrary code.

Notas informativas originales

• CVE-2025-54906

• CVE-2025-54900
• CVE-2025-54904
• CVE-2025-54896
• CVE-2025-54901
• CVE-2025-53799
• CVE-2025-54899
• CVE-2025-54902
• CVE-2025-54905
• CVE-2025-54910
• CVE-2025-55317
• CVE-2025-54903
• CVE-2025-54898
• CVE-2025-54907
• CVE-2025-55243
• CVE-2025-54908
• CVE-2025-54897

Explotación

Public exploits exist for this vulnerability.

Productos relacionados

• Microsoft-Office-PowerPoint
• Microsoft-Office
• Microsoft-Excel
• Microsoft-Word
• Microsoft-Sharepoint-Server
• Microsoft-SharePoint

Lista CVE

• CVE-2025-53799
  high
• CVE-2025-54896
  critical
• CVE-2025-54897
  critical
• CVE-2025-54898
  critical
• CVE-2025-54899
  critical
• CVE-2025-54900
  critical
• CVE-2025-54901
  high
• CVE-2025-54902
  critical
• CVE-2025-54903
  critical
• CVE-2025-54904
  critical
• CVE-2025-54905
  high
• CVE-2025-54906
  critical
• CVE-2025-54907
  critical
• CVE-2025-54908
  critical
• CVE-2025-54910
  critical
• CVE-2025-55243
  critical
• CVE-2025-55317
  critical

Lista KB

• 5002762
• 5002576
• 5002775
• 5002766
• 5002778
• 5002774
• 5002779
• 5002776
• 5002784
• 5002781
• 5002780
• 5002777
• 5002782

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com