CVE-2021-31939

Name of the Vulnerable Software and Affected Versions Microsoft Excel (affected versions not specified) Microsoft 365 (affected versions not specified) Microsoft Office (affected versions not specified) Microsoft Office Online Server (affected versions not specified) Microsoft Office Web Apps Server (affected versions not specified)

Description A vulnerability in Microsoft Excel is related to the use of memory after it has been freed. This issue can be exploited by a remote attacker to execute arbitrary code. The vulnerability is associated with the parsing of XLS files and can lead to a use-after-free remote code execution.

Recommendations For Microsoft Excel, consider disabling the use of XLS file parsing until a patch is available. For Microsoft 365, restrict access to Microsoft Excel to minimize the risk of exploitation. For Microsoft Office, avoid using the affected versions of Microsoft Excel until the issue is resolved. For Microsoft Office Online Server and Microsoft Office Web Apps Server, restrict access to Microsoft Excel to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.