CVE-2025-24079
Published: 11 March 2025
Description
An adversary may rely upon a user opening a malicious file in order to gain execution.
Security Summary
CVE-2025-24079 is a use-after-free vulnerability (CWE-416) in Microsoft Office Word. Published on 2025-03-11, it carries a CVSS v3.1 base score of 7.8 (High), with vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The flaw enables an unauthorized attacker to execute code locally on affected systems running vulnerable versions of Microsoft Office Word.
An attacker can exploit this vulnerability with local access to the target system, requiring no privileges (PR:N) but necessitating user interaction (UI:R), such as convincing a user to open a malicious Word document. Successful exploitation leads to arbitrary code execution in the context of the Word process, granting high-impact confidentiality, integrity, and availability consequences (C:H/I:H/A:H) without changing scope.
The Microsoft Security Response Center (MSRC) provides detailed guidance on this vulnerability, including mitigation steps and patches, via its update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24079. Security practitioners should consult this resource for affected versions and deployment instructions.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Use-after-free in Office Word enables arbitrary code execution via malicious document requiring user interaction, directly mapping to client-side exploitation (T1203) and malicious file execution (T1204.002).