CVE-2022-47211

Name of the Vulnerable Software and Affected Versions Microsoft Office Graphics versions (affected versions not specified) Microsoft 365 Apps for Enterprise versions (affected versions not specified)

Description The issue is related to insufficient input validation in the Microsoft Office Graphics component. This can be exploited by an attacker to execute arbitrary code by providing specially crafted data. The vulnerability is also associated with a stack-based buffer overflow in the parsing of SKP files in Microsoft Office, which can lead to remote code execution.

Recommendations For Microsoft Office Graphics, update to a version that includes the fix for this issue. For Microsoft 365 Apps for Enterprise, apply the necessary security updates to resolve the vulnerability. As a temporary workaround, consider restricting the handling of SKP files in Microsoft Office until a patch is available.