CVE-2022-41061: Microsoft Word Remote Code Execution Vulnerability
First published: Tue Nov 08 2022(Updated: )
Microsoft Word Remote Code Execution Vulnerability
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office 2019 for Mac | ||
| Microsoft Office LTSC for Mac 2021 | ||
| Microsoft 365 Apps for Enterprise | ||
| Microsoft Word 2013 RT | ||
| Microsoft 365 Apps for Enterprise | ||
| Microsoft 365 Apps | ||
| Microsoft Office | =2019 | |
| Microsoft Office | =2021 | |
| Microsoft Office | =2021 | |
| Microsoft Office Online Server | ||
| Microsoft Office Web Apps Server | =2013-sp1 | |
| Microsoft SharePoint Enterprise Server | =2013-sp1 | |
| Microsoft SharePoint Enterprise Server | =2016 | |
| Microsoft SharePoint Server | ||
| Microsoft SharePoint Server | =2019 | |
| Microsoft Word | =2013-sp1 | |
| Microsoft Word | =2013-sp1 | |
| Microsoft Word | =2016 | |
| Microsoft Word 2016 | ||
| Microsoft Office Online Server | ||
| Microsoft Word 2013 | ||
| Microsoft SharePoint Server 2019 | ||
| Microsoft SharePoint Server Subscription Edition Language Pack | ||
| Microsoft SharePoint Enterprise Server 2013 | ||
| Microsoft Office Web Apps Server 2013 | ||
| Microsoft SharePoint Enterprise Server 2016 | ||
| Microsoft Word 2013 | ||
| Microsoft SharePoint Server Subscription Edition | ||
| Microsoft Word 2016 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-41061?
CVE-2022-41061 is a vulnerability in Microsoft Word that allows remote code execution.
How severe is CVE-2022-41061?
CVE-2022-41061 has a severity rating of 7.8, which is considered high.
Which products are affected by CVE-2022-41061?
The affected products include Microsoft 365 Apps for Enterprise, Microsoft Word 2016, Microsoft Office 2019 for Mac, Microsoft Word 2013, SharePoint Enterprise Server 2016, and others. For a complete list, refer to the vendor's security advisory.
How can I fix CVE-2022-41061?
To fix CVE-2022-41061, apply the available patches or updates provided by Microsoft. Refer to the vendor's security advisory for specific remediation steps for each affected product.
Where can I find more information about CVE-2022-41061?
You can find more information about CVE-2022-41061 on the Microsoft Security Response Center website.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/title
- agent/references
- agent/last-modified-date
- agent/description
- agent/event
- collector/msrc-cve
- source/Microsoft
- agent/software-canonical-lookup
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft office 2019 for mac
- canonical/microsoft sharepoint server 2019
- canonical/microsoft office ltsc for mac 2021
- canonical/microsoft 365 apps for enterprise
- canonical/microsoft office web apps server 2013
- canonical/microsoft word 2013 rt
- canonical/microsoft sharepoint server subscription edition language pack
- canonical/microsoft sharepoint enterprise server 2016
- canonical/microsoft word 2013
- canonical/microsoft office online server
- canonical/microsoft word 2016
- canonical/microsoft sharepoint enterprise server 2013
- canonical/microsoft sharepoint server subscription edition
- canonical/microsoft 365 apps
- canonical/microsoft office
- version/microsoft office/2019
- version/microsoft office/2021
- canonical/microsoft office web apps server
- version/microsoft office web apps server/2013-sp1
- canonical/microsoft sharepoint enterprise server
- version/microsoft sharepoint enterprise server/2013-sp1
- version/microsoft sharepoint enterprise server/2016
- canonical/microsoft sharepoint server
- version/microsoft sharepoint server/2019
- canonical/microsoft word
- version/microsoft word/2013-sp1
- version/microsoft word/2016