CVE-2025-24057
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2025-24057 is a critical vulnerability affecting Microsoft Office. This issue involves a heap-based buffer overflow, enabling unauthorized attackers to execute code locally on a victim's system. By exploiting this vulnerability, an attacker can gain control over the affected Microsoft Office application and potentially take further actions, such as installing malware or stealing sensitive data. This vulnerability poses a significant risk to users who open maliciously crafted documents or click on specially crafted email attachments. To mitigate this risk, Microsoft strongly advises users to keep their Office applications updated with the latest security patches.