Microsoft has disclosed two serious security vulnerabilities in its Office suite that allow attackers to execute arbitrary code on affected systems.
Both flaws were publicly released on September 9, 2025, and have been assigned CVE identifiers CVE-2025-54910 and CVE-2025-54906.
These critical issues affect Microsoft Office on Windows and can be exploited by attackers to gain full control over targeted machines.
https://gbhackers.com/critical-flaws-in ... ft-office/