CVE-2021-34501

Name of the Vulnerable Software and Affected Versions Microsoft Excel (affected versions not specified) Microsoft 365 (affected versions not specified) Microsoft Office (affected versions not specified) Microsoft Office Online Server (affected versions not specified)

Description The issue is related to incorrect code generation management in Microsoft Excel. It allows remote attackers to execute arbitrary code, affecting the system. The vulnerability is also associated with a heap-based buffer overflow during XLS file parsing.

Recommendations For Microsoft Excel, consider disabling the editing of XLS files until a patch is available. For Microsoft 365, restrict access to Microsoft Excel to minimize the risk of exploitation. For Microsoft Office, avoid using the affected versions of Microsoft Excel until the issue is resolved. For Microsoft Office Online Server, limit the parsing of XLS files to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.