Use After Free Vulnerability in Microsoft Office
CVE-2025-62199

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Microsoft Office 2016
Microsoft Office Ltsc 2021
Microsoft Office Ltsc 2024
Microsoft Office For Android
Vendor
CVE Published:
11 November 2025

What is CVE-2025-62199?

A use after free vulnerability in Microsoft Office could allow an unauthorized attacker to execute arbitrary code on affected installations. This issue may lead to potential data breaches or system compromise, highlighting the need for immediate updates and security measures.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

Microsoft Office 2016 32-bit Systems 16.0.0 < 16.0.5526.1000

Microsoft Office for Android Unknown 16.0.1 < 16.0.19426.20044

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.