| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2022-38048 | Microsoft Office Remote Code Execution Vulnerability | Microsoft Office 2019 | Critical | 17-10-2022 |
Technical Information
An arbitrary code execution vulnerability in Microsoft Office ClickToRun, its a solution to make installing and launching Office products faster. The attack has to be carried out locally. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host machine in the context of the logged on user.
Further information on this vulnerability is available at : CVE-2022-38048
Affected Software
Microsoft Office 2019 for 32-bit editions,Microsoft Office 2019 for 64-bit editions,
Microsoft Office 2019 for Mac,
Microsoft 365 Apps for Enterprise for 32-bit Systems,
Microsoft 365 Apps for Enterprise for 64-bit Systems,
Microsoft Office LTSC for Mac 2021,
Microsoft Office LTSC 2021 for 64-bit editions,
Microsoft Office LTSC 2021 for 32-bit editions,
Microsoft Office 2016 (32-bit edition),
Microsoft Office 2016 (64-bit edition),
Microsoft Office 2013 RT Service Pack 1,
Microsoft Office 2013 Service Pack 1 (32-bit editions),
Microsoft Office 2013 Service Pack 1 (64-bit editions)