CVE-2025-62199
published 2025-11-11CVE-2025-62199: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | excel | — | — |
| microsoft | microsoft_365_apps_for_enterprise | >= 16.0.1 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_2016 | >= 16.0.0 < 16.0.5526.1000 | 16.0.5526.1000 |
| microsoft | microsoft_office_for_android | >= 16.0.1 < 16.0.19426.20044 | 16.0.19426.20044 |
| microsoft | microsoft_office_ltsc_2021 | >= 16.0.1 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_2024 | >= 16.0.0 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_for_mac_2021 | >= 16.0.1 < 16.103.25110922 | 16.103.25110922 |
| microsoft | microsoft_office_ltsc_for_mac_2024 | >= 16.0.0 < 16.103.25110922 | 16.103.25110922 |
| microsoft | office | < 16.0.19426.20044 | 16.0.19426.20044 |
| microsoft | office_long_term_servicing_channel | — | — |
| microsoft | office_long_term_servicing_channel | — | — |
| msrc | microsoft_365_apps_for_enterprise_for_32-bit_systems | — | — |
| msrc | microsoft_365_apps_for_enterprise_for_64-bit_systems | — | — |
| msrc | microsoft_office_2016 | — | — |
| msrc | microsoft_office_for_android | — | — |
| msrc | microsoft_office_ltsc_2021_for_32-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2021_for_64-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2024_for_32-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2024_for_64-bit_editions | — | — |
| msrc | microsoft_office_ltsc_for_mac_2021 | — | — |
| msrc | microsoft_office_ltsc_for_mac_2024 | — | — |