Multiple vulnerabilities in Microsoft Office

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, spoof user interface, gain privileges.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Microsoft Office Visio can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely to execute arbitrary code.
4. A security feature bypass vulnerability in Microsoft Excel can be exploited remotely to bypass security restrictions.
5. A remote code execution vulnerability in Microsoft Office OneNote can be exploited remotely to execute arbitrary code.
6. A spoofing vulnerability in Microsoft SharePoint Server can be exploited remotely to spoof user interface.
7. A security feature bypass vulnerability in Microsoft Office can be exploited remotely to bypass security restrictions.
8. A remote code execution vulnerability in Microsoft Access can be exploited remotely to execute arbitrary code.
9. An elevation of privilege vulnerability in Microsoft AutoUpdate (MAU) can be exploited remotely to gain privileges.
10. A remote code execution vulnerability in Microsoft Outlook can be exploited remotely to execute arbitrary code.
11. A remote code execution vulnerability in GDI+ can be exploited remotely to execute arbitrary code.
12. A remote code execution vulnerability in Microsoft Office can be exploited remotely to execute arbitrary code.
13. A remote code execution vulnerability in Microsoft Word can be exploited remotely to execute arbitrary code.

Первичный источник обнаружения

• CVE-2025-21354
  CVE-2025-21356
  CVE-2025-21345
  CVE-2025-21344
  CVE-2025-21364
  CVE-2025-21402
  CVE-2025-21393
  CVE-2025-21348
  CVE-2025-21346
  CVE-2025-21362
  CVE-2025-21395
  CVE-2025-21360
  CVE-2025-21361
  CVE-2025-21338
  CVE-2025-21357
  CVE-2025-21366
  CVE-2025-21365
  CVE-2025-21363
  CVE-2025-21186
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Access
• Microsoft-Office
• Microsoft-Outlook
• Microsoft-Excel
• Microsoft-SharePoint

Список CVE

• CVE-2025-21338
  critical
• CVE-2025-21354
  critical
• CVE-2025-21356
  critical
• CVE-2025-21345
  critical
• CVE-2025-21344
  critical
• CVE-2025-21364
  critical
• CVE-2025-21402
  critical
• CVE-2025-21393
  high
• CVE-2025-21348
  high
• CVE-2025-21346
  critical
• CVE-2025-21362
  critical
• CVE-2025-21395
  critical
• CVE-2025-21360
  critical
• CVE-2025-21361
  critical
• CVE-2025-21357
  high
• CVE-2025-21366
  critical
• CVE-2025-21365
  critical
• CVE-2025-21363
  critical
• CVE-2025-21186
  critical

Список KB

• 5002671
• 5002675
• 5002667
• 5002595
• 5002656
• 5002670
• 5002666
• 5002673
• 5002672
• 5002677
• 5002676
• 5002688

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com