Microsoft has released a security update to patch a use-after-free vulnerability in Microsoft Office Word that could allow an attacker to execute arbitrary code on a victim’s machine. Tracked as CVE-2025-62205, the flaw carries a “Remote Code Execution” (RCE) label in the vendor advisory but is scored with a CVSS attack vector of AV:L (Local), a combination that has caused confusion among defenders. The advisory and independent trackers agree: an attacker can craft a malicious document, deliver it remotely through email or a cloud share, and gain full control of an endpoint—but only when a user opens the file in a vulnerable version of Word. The patch is the definitive fix, and organizations should apply it immediately.

What changed: the vulnerability and the fix

The core flaw is a use-after-free in Word’s document parser. When the application processes a specially crafted file, an attacker can corrupt memory in a way that leads to arbitrary code execution under the logged-on user’s context. The CVSS v3.1 vector published by Microsoft and mirrored across vulnerability databases is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, giving a base score of 7.8. This means exploitation requires local access to the vulnerable process, no privileges, user interaction (opening the file), and results in high impact to confidentiality, integrity, and availability.

Microsoft addressed the issue in its monthly security update cycle. Affected builds of Word across supported channels—including Office 2021, Office 2019, and Microsoft 365 Apps—receive the patch through Windows Update, the Microsoft Update Catalog, or enterprise deployment tools like WSUS and Intune. The update is cumulative, and applying it completely removes the attack surface for this vulnerability. No bypasses are known.

Why the advisory says “Remote Code Execution” but CVSS says Local

The apparent contradiction is a deliberate distinction in how the information is used. In Microsoft’s advisory language, “Remote Code Execution” signals that an attacker does not need physical access to the target machine; a remote adversary can craft and deliver the exploit payload. This is critical for triage because it tells operations teams that the attack can originate from anywhere with network connectivity.

The CVSS Attack Vector metric, however, measures the technical context in which the vulnerable code is invoked. According to the CVSS specification, AV:L (Local) is appropriate when exploitation happens inside a local process, even if the triggering data arrived from a remote source. Because Word parses files as a local user-mode application—not over a network socket—the correct vector is Local. In short: the title describes the attacker’s position and ultimate impact, while the CVSS vector describes how exploitation actually unfolds.

This dual-label pattern is common for document-based vulnerabilities. It does not indicate a scoring error; rather, it highlights that defenders must consider both the delivery mechanism and the exploitation mechanism when prioritizing patches and layered defenses.

Who’s affected and what’s at stake

Any Windows system with a vulnerable version of Microsoft Word is at risk. Attackers need only convince a user to open a malicious .docx or .doc file. Typical infection vectors include spear-phishing emails with weaponized attachments, links to files hosted on cloud storage, or malicious websites that automatically download and prompt users to open a document. While the vulnerability requires user interaction, social engineering makes that bar very low—file-based RCEs have been a top initial access method in real-world attacks for years.

Once an attacker achieves code execution, they inherit the permissions of the Word process. If the user is a local administrator, the attacker gains full system control. On systems where least privilege is enforced, the attacker must escalate privileges to move laterally or disable defenses, but they can still execute arbitrary binaries, establish persistence, and steal data.

Organizations running server‑side document processing—such as mail servers that generate previews, document‑conversion services, or collaboration platforms that render Office files—face elevated risk. If a vulnerable parser runs in a network‑exposed process, the attack vector may shift from Local to Network (AV:N), which completely changes the severity and urgency. Administrators should audit any service that automatically parses Word documents on behalf of remote users.

How we got here: a recurring theme in Office security

Use‑after‑free vulnerabilities have plagued productivity suites for decades because parsing complex file formats involves memory management far more intricate than typical application logic. Office formats contain rich structures, embedded objects, and references that attackers can manipulate to trigger memory corruption at a precise moment. While Microsoft has invested heavily in mitigations—including Control Flow Guard, Arbitrary Code Guard, and Office’s own sandboxing and Protected View—the attack surface remains large.

The confusion between RCE titles and CVSS local vectors is also not new. Veteran security practitioners have learned to read past the headline, but automated vulnerability scanners and junior analysts often mis‑prioritize these bugs if they only look at the numeric CVSS score. Microsoft began explicitly clarifying the terminology in its advisory notes alongside each CVE, stating: “The word Remote in the title refers to the location of the attacker.” That disclaimer now appears alongside CVE-2025-62205 and many others.

Despite the clarifications, the pattern continues to generate discussion because misreading AV:L as “not remotely exploitable” can lead to under‑patching—a mistake that attackers regularly exploit. In the 2023 MOVEit Transfer compromise chain, for example, a vulnerability that was technically local was later used by ransomware groups through a service that accepted file uploads, proving that the delivery context matters as much as the CVSS vector.

What to do right now

Patch immediately

Apply the Microsoft security update that addresses CVE-2025-62205. For home users, that means opening Windows Update, checking for Office updates, and installing everything listed. Enterprises should deploy the patch via their standard software distribution pipeline and verify compliance on all endpoints. The update is available through the Microsoft Update Catalog for offline installation or air‑gapped environments.

Harden your Office and email configurations

While patching closes the code flaw, layered defenses buy you time against future zero‑days:

  • Enforce Protected View. Configure Office to open all files from the internet or email in Protected View by default. This sandboxes the document and blocks most exploitation techniques.
  • Disable automatic preview panes. In Outlook and File Explorer, turn off the preview handler so that simply highlighting a message or file does not trigger parsing. This prevents “clickless” exploitation scenarios.
  • Implement ASR rules. Use Attack Surface Reduction rules—available in Microsoft Defender for Endpoint—to block Office applications from spawning child processes like PowerShell, cmd.exe, and WMIC. This alone stops many post‑exploitation chains.
  • Sandbox email attachments. Route all incoming attachments through a mail gateway detonation chamber or sandbox service. Block executables, password‑protected archives, and macros that aren’t digitally signed by a trusted publisher.
  • Apply least privilege. Ensure users operate without local administrator rights. If they must have elevated privileges for specific tasks, use a secondary account or Just‑in‑Time elevation tools.

Monitor for exploitation attempts

Even with a patch, assume some endpoints will remain vulnerable due to update lag or forgotten systems. Configure your EDR platform to alert on:

  • Office processes (WINWORD.EXE, EXCEL.EXE) spawning unexpected children: cmd.exe, powershell.exe, wscript.exe, mshta.exe, or regsvr32.exe.
  • Outbound network connections from Office binaries, especially to dynamic DNS or unusual IP addresses.
  • New persistence entries—scheduled tasks, Run registry keys, or services—created shortly after a document open event.
  • Sandbox detonations that flag anomalous behaviors: memory allocation spikes, shellcode execution, or privilege escalation attempts.

If you detect such activity, isolate the endpoint from the network immediately, collect forensic artifacts, and initiate your incident response process. The original malicious document should be preserved for analysis and sharing with threat intelligence groups.

Audit server‑side Office processing

Check for any service in your environment that automatically parses Word documents: Exchange Online or on‑premises Exchange mail servers that render previews, SharePoint document libraries that generate thumbnails, or third‑party applications that convert Office files to PDF. If any of these components use a vulnerable Word parser, the exposure changes from local to network, dramatically increasing the urgency. Contact the vendor for guidance or disable the feature until you can verify that the parsing engine is patched.

Outlook: what to watch next

CVE-2025-62205 is likely to follow a familiar trajectory. As researchers and attackers reverse‑engineer the patch, proof‑of‑concept exploits will appear, first in private forums and then publicly. Even without a PoC, the class of vulnerability is well‑understood, and weaponizing a use‑after‑free in a widely deployed office suite is primarily an engineering effort, not a research breakthrough. Organizations that treat this as a routine update—applying the patch, enforcing hardened configurations, and continuously monitoring for signs of compromise—will be well‑positioned to weather the after‑patch exploitation window.

Longer term, expect Microsoft to continue investing in sandboxing and memory‑safe parsing. The move toward isolating Office components in Virtualization‑Based Security containers and the incremental adoption of Rust in Windows subsystems hint at a future where such bugs are harder to exploit. For now, though, pragmatic and rapid patching remains the most effective defense.