Office
by Microsoft
Take action — actively targeted
Office is actively targeted by attackers. A significant proportion of its known vulnerabilities are being exploited.
What to do
- Apply all available updates immediately
- Review your exposure — is this internet-facing?
- Monitor vendor advisories for this product
What Attackers Target
Vulnerabilities with high exploit probability
44.5%
Confirmed actively exploited (CISA)
5.0%
Public exploit code available
4.2%
Based on 686 known vulnerabilities. Percentages show the proportion that are actively dangerous — a low percentage means most vulnerabilities in this product are not being exploited.
Most Dangerous Vulnerabilities
| CVE | CVSS | Exploit Probability | Confirmed |
|---|---|---|---|
| CVE-2017-11882 | 7.8 | 94.4% | Yes |
| CVE-2012-0158 | 8.8 | 94.3% | Yes |
| CVE-2017-0199 | 7.8 | 94.3% | Yes |
| CVE-2017-8570 | 7.8 | 94.2% | Yes |
| CVE-2018-0802 | 7.8 | 94.1% | Yes |
| CVE-2018-0798 | 8.8 | 94.1% | Yes |
| CVE-2010-3333 | 7.8 | 93.8% | Yes |
| CVE-2015-1641 | 7.8 | 93.6% | Yes |
| CVE-2015-2545 | 7.8 | 93.4% | Yes |
| CVE-2023-23397 | 9.8 | 93.4% | Yes |
| CVE-2017-0261 | 7.8 | 92.9% | Yes |
| CVE-2013-3906 | 7.8 | 92.6% | Yes |
| CVE-2014-1761 | 7.8 | 92.6% | Yes |
| CVE-2012-1856 | 8.8 | 91.6% | Yes |
| CVE-2023-21716 | 9.8 | 91.4% | — |
| CVE-2009-3129 | 7.8 | 91.2% | Yes |
| CVE-2013-1331 | 7.8 | 88.9% | Yes |
| CVE-2009-0557 | 7.8 | 86.4% | Yes |
| CVE-2019-0541 | 8.8 | 83.4% | Yes |
| CVE-2008-0081 | 9.8 | 81.8% | — |
60
/ 100
high-risk
Active Threat
50/50 · Critical
Exploit Availability
10/50 · Low
Score uses Wilson score intervals to account for sample size. Products with few CVEs are scored conservatively.