CVE-2025-30386: 
vulnerability analysis and mitigation

A use-after-free vulnerability (CVE-2025-30386) was discovered in Microsoft Office, which allows an unauthorized attacker to execute code locally. The vulnerability was disclosed on May 13, 2025, as part of Microsoft's May 2025 Patch Tuesday updates. The vulnerability affects multiple versions of Microsoft Office products, including Office 2016, Office 2019, Microsoft 365 Apps Enterprise, and Office Long Term Servicing Channel versions for both Windows and macOS platforms (NVD, Wiz).

The vulnerability is classified as CWE-416 (Use After Free) and has received varying CVSS v3.1 base scores. Microsoft Corporation assigned a CVSS score of 8.4 (HIGH) with the vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, while NIST assigned a score of 7.8 (HIGH) with the vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The scoring indicates that the vulnerability requires local access but no privileges, with slightly different assessments regarding user interaction requirements (NVD).

If successfully exploited, this vulnerability allows an unauthorized attacker to execute arbitrary code in the local context, potentially leading to complete system compromise with the privileges of the current user (Wiz).

Microsoft has released security updates to address this vulnerability as part of the May 2025 Patch Tuesday. Users are advised to apply the latest security updates through Windows Update (Wiz).