Microsoft published guidance on Monday for a recently discovered zero-day security flaw for which there is an exploit. The vulnerability is rated 7.8 out of 10 for severity on the CVSS vulnerability scoring system. The vulnerability exists in the Office suite that could be exploited to achieve code execution on affected systems.
The weakness was assigned the identifier CVE-2022-30190. Microsoft Office versions Office 2013, Office 2016, Office 2019, and Office 2021, as well as Professional Plus editions, are impacted. See Microsoft for guidance.