CVE-2022-41060

Name of the Vulnerable Software and Affected Versions Microsoft Word (affected versions not specified) Microsoft Office (affected versions not specified) Microsoft 365 Apps for Enterprise (affected versions not specified) Microsoft SharePoint (affected versions not specified) Microsoft Excel (affected versions not specified) Microsoft Office Web Apps Server (affected versions not specified)

Description The issue exists due to insufficient input validation in Microsoft packages. Exploitation of this issue may allow an attacker to disclose protected information using a specially crafted file. This can potentially allow attackers to obtain sensitive information and affect the system.

Recommendations For Microsoft Word, consider restricting the use of specially crafted files until a patch is available. For Microsoft Office, Microsoft 365 Apps for Enterprise, Microsoft SharePoint, Microsoft Excel, and Microsoft Office Web Apps Server, at the moment, there is no information about a newer version that contains a fix for this vulnerability.