CVE-2021-38655

Name of the Vulnerable Software and Affected Versions Microsoft Excel (affected versions not specified) Microsoft 365 (affected versions not specified) Microsoft Office (affected versions not specified) Microsoft Office Online Server (affected versions not specified) Microsoft Office Web Apps (affected versions not specified)

Description A vulnerability in Microsoft Excel is related to the use of memory after it has been freed. This issue can be exploited by a remote attacker to execute arbitrary code. The vulnerability is associated with the parsing of XLS files.

Recommendations For Microsoft Excel, consider disabling the use of XLS file parsing until a patch is available. For Microsoft 365, restrict access to Microsoft Excel to minimize the risk of exploitation. For Microsoft Office, avoid using the affected versions of Microsoft Excel until the issue is resolved. For Microsoft Office Online Server, restrict access to Microsoft Excel Online to minimize the risk of exploitation. For Microsoft Office Web Apps, consider disabling the use of Microsoft Excel Web App until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.