CVE-2024-41165

Name of the Vulnerable Software and Affected Versions Microsoft Word version 16.83

Description A library injection vulnerability exists in Microsoft Word for macOS. This issue allows a specially crafted library to leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability, then make use of the vulnerable application's permissions. The vulnerability is related to incorrect cryptographic signature verification.

Recommendations For Microsoft Word version 16.83, consider disabling the use of external libraries until a patch is available. Restrict access to the application to minimize the risk of exploitation. Avoid using the application for sensitive tasks until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.