
Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code Remotely

  • August 13, 2025

TripleHelix
Moderator

August 13, 2025


Microsoft Office RCE Vulnerabilities

Microsoft released critical security updates, addressing three serious vulnerabilities in Microsoft Office that could allow attackers to execute remote code on affected systems. 

The vulnerabilities, tracked as CVE-2025-53731, CVE-2025-53740, and CVE-2025-53730, affect multiple versions of Microsoft Office and pose significant security risks to organizations and individual users worldwide.

Key Takeaways

1. Critical Office flaws enable code execution via document preview
2. All Office versions 2016-2024 affected, millions at risk
3. Patches released August 12 – install immediately

Use-After-Free Flaws 

The newly disclosed vulnerabilities stem from use-after-free memory corruption issues, classified under CWE-416 in the Common Weakness Enumeration database. 

Both CVE-2025-53731 and CVE-2025-53740 received Critical severity ratings with CVSS base scores of 8.4, while CVE-2025-53730, affecting Microsoft Office Visio, was rated as Important with a CVSS score of 7.8. 

These vulnerabilities share a standard attack pattern where unauthorized attackers can exploit memory management flaws to execute arbitrary code locally on target systems.

The technical specifications reveal concerning attack vectors, with both critical vulnerabilities featuring a CVSS vector string of CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C. 

This indicates low attack complexity, no privileges required, and no user interaction needed for exploitation. 

Particularly alarming is that the Preview Pane serves as an attack vector for CVE-2025-53731 and CVE-2025-53740, meaning users could be compromised simply by previewing malicious Office documents.

The vulnerabilities affect a comprehensive range of Microsoft Office products, including Microsoft Office 2016, Office 2019, Office LTSC 2021, Office LTSC 2024, and Microsoft 365 Apps for Enterprise across both 32-bit and 64-bit architectures. 

Mac users are also at risk, with Microsoft Office LTSC for Mac 2021 and 2024 versions requiring immediate updates. The widespread impact encompasses millions of users across corporate and consumer environments globally.

Security researchers 0x140ce[LLMole], Li Shuang, and willJ with Vulnerability Research Institute, and researchers from Zscaler’s ThreatLabz were credited with discovering these vulnerabilities through coordinated disclosure processes. 

Microsoft’s Security Response Center (MSRC) has confirmed that none of these vulnerabilities have been publicly disclosed or exploited in the wild, with exploitability assessments ranging from “Exploitation Unlikely” to “Exploitation Less Likely”.

