Vulnerability in Microsoft Office products (update)  [31.05.22]

Update: Microsoft gives recommendations (see article at heise.de, in german)

Security researchers discovered a Word document that loads and executes malicious code from the Internet when opened, even when macro execution is disabled. According to the security researcher, the exploit found works in several tested configurations (Office 2013/2016/2021, Windows 10/11) with all Microsoft Office products - i.e. also with Excel, PowerPoint, etc..

In current versions, the protected view prevents the malicious code from running. It is also reported that the exploit would become more dangerous by changing the document to RTF format, so that the reloading and execution would already happen in the Windows Explorer preview - even without disabling the protected view.

Until Microsoft provides official patches, users of Microsoft Office should 

  1. be careful especially when dealing with foreign Office documents,
  2. do not save or open RTF files from untrusted sources in e-mails, and
  3. if technically possible, to follow the recommendation to upgrade to the current version.

If you have any questions, please contact the IT service desk.


Back to All news


Do you have questions or comments about this site? contact form