CVE-2022-41106: Microsoft Excel Remote Code Execution Vulnerability
First published: Tue Nov 08 2022(Updated: )
Microsoft Excel Remote Code Execution Vulnerability
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office 2019 for 32-bit editions | ||
| Microsoft 365 Apps for Enterprise | ||
| Microsoft Office 2019 for 64-bit editions | ||
| Microsoft Excel 2013 RT | ||
| Microsoft Office LTSC 2021 for 32-bit editions | ||
| Microsoft Office LTSC 2021 for 64-bit editions | ||
| Microsoft 365 Apps for Enterprise | ||
| Microsoft 365 Apps | ||
| Microsoft Excel | =2013-sp1 | |
| Microsoft Excel | =2013-sp1 | |
| Microsoft Excel | =2016 | |
| Microsoft Office | =2019 | |
| Microsoft Office | =2021 | |
| Microsoft Office Online Server | ||
| Microsoft Office Web Apps Server | =2013-sp1 | |
| Microsoft Excel 2016 | ||
| Microsoft Excel 2013 | ||
| Microsoft Excel 2013 | ||
| Microsoft Excel 2016 | ||
| Microsoft Office Online Server | ||
| Microsoft Office Web Apps Server 2013 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-41106?
CVE-2022-41106 refers to the Microsoft Excel Remote Code Execution Vulnerability.
How severe is CVE-2022-41106?
CVE-2022-41106 has a severity rating of 8.8 (high).
Which software versions are affected by CVE-2022-41106?
CVE-2022-41106 affects Microsoft Office LTSC for Mac 2021, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2019, Microsoft Office LTSC 2021, Microsoft Office Online Server, Microsoft Office Web Apps Server 2013, and Microsoft 365 Apps for Enterprise.
Is there a patch available for CVE-2022-41106?
Yes, patches are available for CVE-2022-41106. Please refer to the respective product's documentation or Microsoft's security updates page for more information.
Where can I find more information about CVE-2022-41106?
You can find more information about CVE-2022-41106 on Microsoft's Security Response Center (MSRC) website.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/title
- agent/references
- agent/last-modified-date
- agent/description
- collector/msrc-cve
- source/Microsoft
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/event
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft office 2019 for 32-bit editions
- canonical/microsoft 365 apps for enterprise
- canonical/microsoft excel 2013
- canonical/microsoft excel 2016
- canonical/microsoft office 2019 for 64-bit editions
- canonical/microsoft excel 2013 rt
- canonical/microsoft office web apps server 2013
- canonical/microsoft office ltsc 2021 for 32-bit editions
- canonical/microsoft office online server
- canonical/microsoft office ltsc 2021 for 64-bit editions
- canonical/microsoft 365 apps
- canonical/microsoft excel
- version/microsoft excel/2013-sp1
- version/microsoft excel/2016
- canonical/microsoft office
- version/microsoft office/2019
- version/microsoft office/2021
- canonical/microsoft office web apps server
- version/microsoft office web apps server/2013-sp1