CVE-2024-21379: 
vulnerability analysis and mitigation

Microsoft Word Remote Code Execution Vulnerability (CVE-2024-21379) was disclosed on February 13, 2024. This vulnerability affects multiple Microsoft products including Microsoft 365 Apps Enterprise, Office 2019, Office LTSC 2021, and Word 2016. The vulnerability was initially reported to Microsoft on October 3, 2023, and subsequently coordinated for public release (ZDI).

The vulnerability exists within the parsing of PDF files in Microsoft Word. The specific flaw results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. Microsoft has assigned this vulnerability a CVSS v3.1 base score of 7.8 (High), with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability has been classified as CWE-190 (Integer Overflow or Wraparound) (NVD).

If successfully exploited, this vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. The attacker can leverage this vulnerability to execute code in the context of the current user, potentially gaining the same privileges as the logged-on user (ZDI).

Microsoft has issued a security update to address this vulnerability. Users are advised to apply the latest security updates available through the Microsoft Security Response Center (MSRC).