CVE-2021-43875

Name of the Vulnerable Software and Affected Versions Microsoft Office Graphics versions (affected versions not specified) Microsoft 365 Apps for Enterprise versions (affected versions not specified) Microsoft Word versions (affected versions not specified)

Description The issue is related to incorrect code generation management in Microsoft Office Graphics components. This can be exploited by an attacker to execute arbitrary code remotely by opening a specially crafted file. The vulnerability is associated with an integer overflow in the glTF-SDK.

Recommendations For Microsoft Office Graphics, update to a version that includes the fix for this issue. For Microsoft 365 Apps for Enterprise, apply the recommended configuration changes to mitigate the risk of exploitation. For Microsoft Word, consider disabling the use of glTF-SDK until a patch is available. As a temporary workaround, avoid opening specially crafted files from untrusted sources to minimize the risk of exploitation.