PatchSiren cyber security CVE debrief

CVE-2025-62557 Microsoft CVE debrief

CVE-2025-62557 is a high-severity use-after-free flaw in Microsoft Office that can allow an unauthorized attacker to execute code locally. NVD rates the issue 8.4/High and maps it to CWE-416. The record indicates affected Office families include Microsoft 365 Apps for enterprise, Office 2016, Office 2019, Office LTSC 2021, and Office LTSC 2024 across multiple platforms.

Vendor: Microsoft
Product: Microsoft 365 Apps for Enterprise
CVSS: 8.4 (HIGH)
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-12-09
Original CVE updated: 2025-12-10
Advisory published: 2025-12-09
Advisory updated: 2025-12-10

Who should care

Administrators and security teams managing Microsoft Office deployments, especially fleets running Office LTSC, Microsoft 365 Apps for enterprise, or mixed Windows/macOS/Android Office installations. Endpoint teams should prioritize systems on which untrusted local software can run or untrusted users have local access.

Technical summary

The supplied NVD record describes a use-after-free condition in Microsoft Office that can be abused by an unauthorized local attacker to execute code. The CVSS vector is AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H: local access is required, but no privileges and no user interaction are needed, and the impact on confidentiality, integrity, and availability is rated high. NVD lists vulnerable CPEs for Microsoft 365 Apps for enterprise, Office 2016/2019, Office LTSC 2021/2024, and Office for Android. Microsoft’s advisory is referenced by NVD for vendor guidance.

Defensive priority

High — patch affected Microsoft Office installations promptly, with extra urgency on endpoints that allow untrusted local execution or that host sensitive data.

Recommended defensive actions

  • Apply the Microsoft update referenced in the vendor advisory for CVE-2025-62557.
  • Inventory Office deployments against the affected NVD CPE families, including Microsoft 365 Apps for enterprise and Office LTSC 2021/2024.
  • Treat shared workstations and endpoints with broader local user access as higher priority for remediation.
  • Monitor for unusual Office crashes or suspicious local execution activity on affected systems.
  • Confirm remediation using Microsoft’s Security Update Guide entry for CVE-2025-62557.

Evidence notes

This debrief is based on the supplied NVD record and the Microsoft security advisory link referenced by NVD. The CVE description, CVSS vector, CWE-416 mapping, and affected CPE criteria are taken from the provided corpus. No exploit steps, reproduction details, or unsupported remediation specifics are included.

Official resources

Published in the official CVE and NVD records on 2025-12-09. This summary uses only the supplied official sources and does not include exploit instructions or unverified details.