PatchSiren cyber security CVE debrief

CVE-2022-24462 Microsoft CVE debrief

A security feature bypass vulnerability in Microsoft Word allows an attacker to circumvent integrity protections. The flaw requires local access and user interaction; successful exploitation compromises integrity without affecting confidentiality or availability. Microsoft addressed this vulnerability through security updates.

Vendor: Microsoft
Product: Microsoft Office 2019
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2022-03-09
Original CVE updated: 2026-05-19
Advisory published: 2022-03-09
Advisory updated: 2026-05-19

Who should care

Organizations running affected Microsoft Office versions, particularly those with users who regularly handle documents from external or untrusted sources. Security teams responsible for endpoint protection and patch management should prioritize this vulnerability based on document-centric attack surface exposure.

Technical summary

CVE-2022-24462 is a security feature bypass vulnerability in Microsoft Word with a CVSS 3.1 score of 5.5 (Medium). The vulnerability has a local attack vector (AV:L) with low attack complexity (AC:L), requires no privileges (PR:N) but does require user interaction (UI:R). Successful exploitation results in high integrity impact (I:H) with no confidentiality or availability impact. Affected products include Microsoft 365 Apps for Enterprise, Office 2019, and Office LTSC 2021. The vulnerability was disclosed on March 9, 2022, and Microsoft released security updates to address it.

Defensive priority

Medium

Recommended defensive actions

  • Apply Microsoft security updates for affected Office versions per Microsoft Security Response Center guidance
  • Prioritize patching based on user exposure to untrusted documents
  • Review and enforce Office macro and document security policies
  • Monitor for anomalous document handling behavior on endpoints

Evidence notes

NVD CPE data identifies affected Microsoft Office products: Microsoft 365 Apps for Enterprise, Office 2019, and Office LTSC 2021. CVSS 3.1 vector AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N confirms local attack vector with user interaction required. Microsoft Security Response Center guidance is the authoritative remediation source.

Official resources

2022-03-09T17:15:14.127Z