CVE-2022-41103

Name of the Vulnerable Software and Affected Versions Microsoft Office (affected versions not specified) Microsoft 365 Apps for Enterprise (affected versions not specified) Microsoft SharePoint (affected versions not specified) Microsoft Excel (affected versions not specified) Microsoft Office Web Apps Server (affected versions not specified) Microsoft Word (affected versions not specified)

Description The issue is related to a lack of protection for internal data in Microsoft products. It may allow an attacker to gain unauthorized access to a device using a specially crafted file. The vulnerability can lead to information disclosure and potentially affect the system.

Recommendations For Microsoft Office, consider restricting access to sensitive data until a fix is available. For Microsoft 365 Apps for Enterprise, avoid using potentially vulnerable features that may lead to information disclosure. For Microsoft SharePoint, restrict access to sensitive areas of the system to minimize the risk of exploitation. For Microsoft Excel, be cautious when opening files from untrusted sources to reduce the risk of unauthorized access. For Microsoft Office Web Apps Server, limit the use of the server for sensitive operations until the issue is resolved. For Microsoft Word, as a temporary workaround, consider disabling the use of specially crafted files that may exploit the vulnerability until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.