EUVD-2025-17729

CVE-2025-47170 HIGH
2025-06-10 [email protected]
CVSS 3.1: 7.8

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Confidentiality: High
- Integrity: High
- Availability: High

Lifecycle Timeline

- Analysis Generated: Mar 14, 2026 - 19:49 (vuln.today)
- EUVD ID Assigned: Mar 14, 2026 - 19:49 (euvd), EUVD-2025-17729
- CVE Published: Jun 10, 2025 - 17:23 (nvd), HIGH 7.8

Description

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Analysis

A use-after-free vulnerability in Microsoft Office Word allows local, unauthenticated attackers to execute arbitrary code with high impact on confidentiality, integrity, and availability. Exploitation requires user interaction (e.g., opening a malicious document) but has low attack complexity, making it a significant local code execution threat. Without confirmed KEV status or EPSS data provided, the CVSS 7.8 score indicates high severity, though real-world exploitability depends on whether public exploits or proofs-of-concept have emerged.

Technical Context

This vulnerability is rooted in CWE-416 (Use After Free), a memory safety defect where Microsoft Word's document processing engine references memory that has been freed or deallocated. The defect likely occurs in Word's XML/document object model parsing or rendering subsystem when handling specially crafted Office Open XML (.docx) files. The use-after-free condition could corrupt the heap, overwrite function pointers, or leak sensitive memory, enabling code execution through classic heap exploitation techniques. Affected CPE would be Microsoft Office Word across multiple versions (likely Microsoft Word 2016, 2019, Office 365 perpetual/subscription variants), though specific version ranges are not provided in the source data.

Affected Products

- vendor: Microsoft; product: Office Word; versions: 2016, 2019, Office 365 (all versions until patched); cpe_family: cpe:2.3:a:microsoft:word; notes: Specific version ranges not provided; assume latest versions and recent legacy versions affected

Priority Score

Score: 39

- KEV: 0
- EPSS: +0.2
- CVSS: +39
- POC: 0
