CVE-2025-30379: 
vulnerability analysis and mitigation

CVE-2025-30379 is a Remote Code Execution (RCE) vulnerability affecting Microsoft Excel, disclosed as part of Microsoft's May 2025 Patch Tuesday security updates. The vulnerability involves the release of an invalid pointer or reference in Microsoft Office Excel that allows an unauthorized attacker to execute code locally. The affected systems include various versions of Microsoft Excel, Office 2019, Microsoft 365 Apps Enterprise, and Office Online Server (NVD, Wiz).

The vulnerability has been assigned a CVSS v3.1 Base Score of 7.8 (HIGH) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. It is classified under CWE-763 (Release of Invalid Pointer or Reference). The vulnerability affects multiple Microsoft products including Microsoft 365 Apps Enterprise (x64 and x86), Excel 2016, Office 2019, and Office Online Server versions up to (excluding) 16.0.10417.20010 (NVD).

As a Remote Code Execution vulnerability, CVE-2025-30379 could enable attackers to execute malicious code on affected systems through specially crafted Excel files. The high CVSS score indicates significant potential impact on the confidentiality, integrity, and availability of affected systems (Wiz).

Microsoft has released security patches for this vulnerability as part of the May 2025 Patch Tuesday updates. The update (KB5002707) is available through multiple channels including Microsoft Update, Microsoft Update Catalog, and Microsoft Download Center. Users and administrators are strongly advised to apply these updates immediately through Windows Update or enterprise management tools (Microsoft Support).