First published: Wed Dec 18 2024(Updated: )
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Office Word |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-41165 has been classified as a critical vulnerability due to the potential for permission bypass.
To fix CVE-2024-41165, ensure that Microsoft Word for macOS is updated to the latest version provided by Microsoft.
CVE-2024-41165 is a library injection vulnerability that allows a malicious library to exploit Word's access privileges.
CVE-2024-41165 affects Microsoft Word 16.83 for macOS.
A malicious application can inject a library to trigger CVE-2024-41165, leading to potential unauthorized access and permissions bypass.