| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2022-22004 | Microsoft Office ClickToRun Remote Code Execution Vulnerability | Microsoft 365 | Important | 15-02-2022 |
Technical Information
Brief overview of the risk:
An arbitrary code execution vulnerability in Microsoft Office ClickToRun, its a solution to make installing and launching Office products faster. The attack has to be carried out locally. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host machine in the context of the logged on user.
Further information on this vulnerability is available at : CVE-2022-22004
Affected Software
Microsoft Office 2013 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2013 Click-to-Run (C2R) for 64-bit editions,
Microsoft 365 Apps for Enterprise for 32-bit Systems,
Microsoft 365 Apps for Enterprise for 64-bit Systems