First published: Tue Mar 11 2025(Updated: )
<p>Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.</p>
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Word 2016 | ||
Microsoft Office LTSC 2021 | ||
Microsoft Office Long Term Servicing Channel for Mac | ||
Microsoft Office Long Term Servicing Channel for Mac | ||
Microsoft Office LTSC 2024 | ||
Microsoft Office LTSC 2021 | ||
Microsoft Office 2019 for Mac | ||
Microsoft Office 2019 for Mac | ||
Microsoft 365 Apps for enterprise | ||
Microsoft 365 Apps for enterprise | ||
Microsoft Word 2016 | ||
Microsoft Office LTSC 2024 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-24079 is classified as a critical vulnerability due to its potential for remote code execution.
To fix CVE-2025-24079, apply the latest security updates provided by Microsoft for affected Word and Office products.
CVE-2025-24079 affects various versions of Microsoft Word, Office LTSC, and Microsoft 365 Apps for Enterprise.
CVE-2025-24079 enables unauthorized attackers to execute code locally on vulnerable machines.
Currently, the best approach is to update to the latest version of affected software, as no specific workaround is recommended.