Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.
The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office -

Microsoft Office 2016 for 32-bit edition and 64-bit editions
Microsoft



Source: TheHackerNews
Source Link: https://thehackernews.com/2024/08/microsoft-warns-of-unpatched-office.html