PT-2025-15569 · Microsoft · Office

Li Shuang +1 · Published 2025-04-08 · Updated 2025-04-15 · CVE-2025-27746

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Microsoft Office (affected versions not specified)
Microsoft 365 Apps for Enterprise (affected versions not specified)

Description

The issue is related to a use-after-free vulnerability in Microsoft Office, which can allow an unauthorized attacker to execute arbitrary code locally. This can potentially enable remote attackers to execute code and affect the system. The estimated number of potentially affected devices worldwide is not provided.

Recommendations

For Microsoft Office, update to the latest version that includes the security updates for Mac to be protected from this vulnerability. For Microsoft 365 Apps for Enterprise, no specific fix is provided, but customers should ensure they are running the latest version of the software. As a temporary workaround, consider disabling any features that may be using the vulnerable component until a patch is available. Restrict access to any modules or functions that may be affected by the use-after-free vulnerability to minimize the risk of exploitation.

Fix

RCE

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2025-04180
CVE-2025-27746

Affected Products

Office