CVE-2024-39804

Name of the Vulnerable Software and Affected Versions Microsoft PowerPoint version 16.83

Description A library injection issue exists, allowing a specially crafted library to leverage PowerPoint's access privileges and bypass permissions. This can be triggered by a malicious application injecting a library and starting the program, then utilizing the vulnerable application's permissions. The vulnerability is related to incorrect cryptographic signature verification, which can be exploited to bypass existing security restrictions.

Recommendations For Microsoft PowerPoint version 16.83, consider disabling the vulnerable library injection functionality until a patch is available. Restrict access to the application to minimize the risk of exploitation. Avoid using the application with untrusted libraries or inputs until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.