Cisco Talos recently discovered a class attribute double-free vulnerability in Microsoft Office.

Microsoft Office is a suite of tools used for productivity in both a corporate environment as well as by end-users. It offers a range of tools that can be used for various purposes. Such as Excel for spreadsheets, Word for document editing, Outlook for email, PowerPoint for presentations, etc.

Talos has identified a double-free vulnerability in Microsoft Office Excel. TALOS-2022-1591 (CVE-2022-41106) allows an attacker to provide a malicious file to trigger a possible arbitrary code execution.

Cisco Talos worked with Microsoft to ensure that this issue was resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy.

Users are encouraged to update these affected products as soon as possible: Microsoft Office Microsoft Office Excel 2019 x86 - version 2207 build 15427.20210 and version 2202 build 14931.20660. Talos tested and confirmed these versions of Office could be exploited by these vulnerabilities.

The following Snort rules will detect exploitation attempts against these vulnerabilities: 60500-60501. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.