#microsoft

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

**Is the Preview Pane an attack vector for this vulnerability?** No, the Preview Pane is not an attack vector.

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

**How can I verify that the update is installed?** Customers wanting to ensure the client has been updated can run the MDE Client Analyzer on the device. When running the analyzer on a Windows device that does not have the security update, the analyzer will present a warning (ID 121035) indicating missing patch and directing to relevant online article. Additionally, if the update is installed, but the Anti-Spoofing capability is not in a stable state, the analyzer will present warning (ID 121036) indicating an issue and providing additional online guidance or callout to reach out to Microsoft support if issue persists.

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.

Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.