Microsoft Office Long Term Servicing Channel
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Office Long Term Servicing Channel.
By the Year
In 2025 there have been 14 vulnerabilities in Microsoft Office Long Term Servicing Channel with an average score of 7.8 out of ten. Last year, in 2024 Office Long Term Servicing Channel had 36 security vulnerabilities published. Right now, Office Long Term Servicing Channel is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.11.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 14 | 7.80 |
2024 | 36 | 7.69 |
2023 | 45 | 7.47 |
2022 | 19 | 7.10 |
2021 | 11 | 7.37 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Office Long Term Servicing Channel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Office Long Term Servicing Channel Security Vulnerabilities
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel
CVE-2025-30383
7.8 - High
- May 13, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Object Type Confusion
Use after free in Microsoft Office
CVE-2025-30386
7.8 - High
- May 13, 2025
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Dangling pointer
Heap-based buffer overflow in Windows Win32K - GRFX
CVE-2025-30388
7.8 - High
- May 13, 2025
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
Memory Corruption
Use after free in Microsoft Office Excel
CVE-2025-30393
7.8 - High
- May 13, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Buffer over-read in Microsoft Office Excel
CVE-2025-32704
7.8 - High
- May 13, 2025
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Out-of-bounds Read
Out-of-bounds read in Microsoft Office Outlook
CVE-2025-32705
7.8 - High
- May 13, 2025
Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
Out-of-bounds Read
Heap-based buffer overflow in Microsoft Office Excel
CVE-2025-30376
7.8 - High
- May 13, 2025
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Memory Corruption
Use after free in Microsoft Office
CVE-2025-30377
7.8 - High
- May 13, 2025
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Dangling pointer
Release of invalid pointer or reference in Microsoft Office Excel
CVE-2025-30379
7.8 - High
- May 13, 2025
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Release of Invalid Pointer or Reference
Out-of-bounds read in Microsoft Office Excel
CVE-2025-30381
7.8 - High
- May 13, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Out-of-bounds Read
Use after free in Microsoft Office Excel
CVE-2025-29977
7.8 - High
- May 13, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Use after free in Microsoft Office PowerPoint
CVE-2025-29978
7.8 - High
- May 13, 2025
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
Dangling pointer
Heap-based buffer overflow in Microsoft Office Excel
CVE-2025-29979
7.8 - High
- May 13, 2025
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Memory Corruption
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel
CVE-2025-30375
7.8 - High
- May 13, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Object Type Confusion
Microsoft Access Remote Code Execution Vulnerability
CVE-2024-49142
7.8 - High
- December 12, 2024
Microsoft Access Remote Code Execution Vulnerability
Dangling pointer
Microsoft Office Elevation of Privilege Vulnerability
CVE-2024-49059
7 - High
- December 12, 2024
Microsoft Office Elevation of Privilege Vulnerability
Race Condition
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-49065
5.5 - Medium
- December 12, 2024
Microsoft Office Remote Code Execution Vulnerability
Out-of-bounds Read
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49069
7.8 - High
- December 12, 2024
Microsoft Excel Remote Code Execution Vulnerability
Dangling pointer
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49028
7.8 - High
- November 12, 2024
Microsoft Excel Remote Code Execution Vulnerability
Out-of-bounds Read
Microsoft Office Graphics Component Remote Code Execution Vulnerability
CVE-2024-49031
7.8 - High
- November 12, 2024
Microsoft Office Graphics Remote Code Execution Vulnerability
Buffer Over-read
Microsoft Office Graphics Component Remote Code Execution Vulnerability
CVE-2024-49032
7.8 - High
- November 12, 2024
Microsoft Office Graphics Remote Code Execution Vulnerability
Dangling pointer
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49026
7.8 - High
- November 12, 2024
Microsoft Excel Remote Code Execution Vulnerability
Command Injection
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49027
7.8 - High
- November 12, 2024
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49029
7.8 - High
- November 12, 2024
Microsoft Excel Remote Code Execution Vulnerability
Use of Uninitialized Resource
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49030
7.8 - High
- November 12, 2024
Microsoft Excel Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Microsoft Word Security Feature Bypass Vulnerability
CVE-2024-49033
7.5 - High
- November 12, 2024
Microsoft Word Security Feature Bypass Vulnerability
Improper Input Validation
Microsoft Office Spoofing Vulnerability
CVE-2024-43609
6.5 - Medium
- October 08, 2024
Microsoft Office Spoofing Vulnerability
Information Disclosure
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-43576
7.8 - High
- October 08, 2024
Microsoft Office Remote Code Execution Vulnerability
Untrusted Path
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-43505
7.8 - High
- October 08, 2024
Microsoft Office Visio Remote Code Execution Vulnerability
Insufficient UI Warning of Dangerous Operations
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-43504
7.8 - High
- October 08, 2024
Microsoft Excel Remote Code Execution Vulnerability
Dangling pointer
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-43616
7.8 - High
- October 08, 2024
Microsoft Office Remote Code Execution Vulnerability
Untrusted Path
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-38016
7.8 - High
- September 19, 2024
Microsoft Office Visio Remote Code Execution Vulnerability
Authorization
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38250
7.8 - High
- September 10, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Buffer Over-read
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-43463
7.8 - High
- September 10, 2024
Microsoft Office Visio Remote Code Execution Vulnerability
Dangling pointer
Microsoft Excel Elevation of Privilege Vulnerability
CVE-2024-43465
7.8 - High
- September 10, 2024
Microsoft Excel Elevation of Privilege Vulnerability
Dangling pointer
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-38169
7.8 - High
- August 13, 2024
Microsoft Office Visio Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-38170
7.1 - High
- August 13, 2024
Microsoft Excel Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2024-38171
7.8 - High
- August 13, 2024
Microsoft PowerPoint Remote Code Execution Vulnerability
Dangling pointer
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-38172
7.8 - High
- August 13, 2024
Microsoft Excel Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-38173
6.7 - Medium
- August 13, 2024
Microsoft Outlook Remote Code Execution Vulnerability
RCE in Microsoft Project
CVE-2024-38189
8.8 - High
- August 13, 2024
Microsoft Project Remote Code Execution Vulnerability
Improper Input Validation
Microsoft Office Spoofing Vulnerability
CVE-2024-38200
6.5 - Medium
- August 12, 2024
Microsoft Office Spoofing Vulnerability
Information Disclosure
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-38021
8.8 - High
- July 09, 2024
Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Spoofing Vulnerability
CVE-2024-38020
6.5 - Medium
- July 09, 2024
Microsoft Outlook Spoofing Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-30042
7.8 - High
- May 14, 2024
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-21413
9.8 - Critical
- February 13, 2024
Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2024-21379
7.8 - High
- February 13, 2024
Microsoft Word Remote Code Execution Vulnerability
Microsoft Office OneNote Remote Code Execution Vulnerability
CVE-2024-21384
7.8 - High
- February 13, 2024
Microsoft Office OneNote Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-21378
8.8 - High
- February 13, 2024
Microsoft Outlook Remote Code Execution Vulnerability
A security vulnerability exists in FBX that could lead to remote code execution
CVE-2024-20677
7.8 - High
- January 09, 2024
A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. As of February 13, 2024, the ability to insert FBX files has also been disabled in 3D Viewer. 3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time. This change is effective as of the January 9, 2024 security update.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Office Long Term Servicing Channel or by Microsoft? Click the Watch button to subscribe.
