PatchSiren cyber security CVE debrief
CVE-2022-29109 Microsoft CVE debrief
CVE-2022-29109 is a remote code execution vulnerability in Microsoft Excel, published by Microsoft on May 10, 2022. The vulnerability allows an attacker to execute arbitrary code on affected systems when a user opens a specially crafted Excel file. The CVSS 3.1 score of 7.8 (HIGH) reflects a local attack vector, low attack complexity, no privileges required, and required user interaction, with high impact to confidentiality, integrity, and availability. The vulnerability affects multiple Microsoft Office products, including Microsoft 365 Apps for Enterprise (x64 and x86), Office 2019 (x64 and x86), Office LTSC 2021 (x64 and x86), and Office Online Server. Microsoft released security updates to address this vulnerability as part of its May 2022 Patch Tuesday. Organizations should apply the available patches and follow Microsoft's security guidance to mitigate risk.
- Vendor: Microsoft
- Product: Microsoft Office 2019
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2022-05-10
- Original CVE updated: 2026-05-19
- Advisory published: 2022-05-10
- Advisory updated: 2026-05-19
Who should care
Organizations using Microsoft Excel and Office products, particularly those with users who regularly receive external documents. Security teams responsible for patch management and endpoint protection.
Technical summary
Microsoft Excel remote code execution vulnerability affecting Microsoft 365 Apps, Office 2019, Office LTSC 2021, and Office Online Server. Requires user interaction to open a malicious file. Patched by Microsoft May 2022.
Defensive priority
HIGH
Recommended defensive actions
- Apply Microsoft security updates for affected Office products as detailed in Microsoft Security Response Center guidance
- Review and implement Microsoft security configuration recommendations for Office applications
- Consider enabling Protected View or Application Guard for Office to reduce attack surface from untrusted documents
- Monitor for suspicious Excel file attachments in email and web traffic
- Ensure endpoint detection and response (EDR) solutions are configured to detect anomalous Office application behavior
Evidence notes
CVE published 2022-05-10; NVD record last modified 2026-05-19. Microsoft security guidance confirms patch availability. No KEV listing observed.
Official resources
- CVE-2022-29109 CVE record (CVE.org)
- CVE-2022-29109 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference
- Mitigation or vendor reference: af854a3a-2127-422b-91ae-364da2661108 - Patch, Vendor Advisory (2022-05-10)