VYPR
Unrated severity · NVD Advisory · Published Dec 10, 2019 · Updated Aug 4, 2024

CVE-2019-1462

Description

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerability'.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A use-after-free vulnerability in Microsoft PowerPoint allows remote code execution when a user opens a specially crafted PPT file.

Vulnerability

A use-after-free vulnerability exists in Microsoft PowerPoint when processing specially crafted PowerPoint presentation files. The issue results from the software failing to validate the existence of an object prior to performing operations on it. This flaw affects Microsoft PowerPoint (specific versions not enumerated in available references) and can be triggered by opening a malicious .ppt file or visiting a malicious web page that loads the file. [1]

Exploitation

Exploitation requires user interaction: the target must open a malicious PowerPoint file or visit a malicious page that triggers the vulnerability. An attacker can craft a .ppt file that, when processed by PowerPoint, causes a use-after-free condition. No authentication or special privileges are needed beyond the user's normal access. The attacker must convince the user to open the file, typically through social engineering or by hosting it on a website. [1]

Impact

Successful exploitation allows an attacker to execute arbitrary code in the context of the current PowerPoint process. This can lead to full compromise of the user's system, including data theft, installation of malware, or further lateral movement within a network. The CVSS score is 7.8 (High) with a vector of AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. [1]

Mitigation

Microsoft released a security update on December 10, 2019 to address this vulnerability as part of its monthly Patch Tuesday releases. Users should apply the latest updates for Microsoft PowerPoint and Office. No workarounds are documented in the available references. [1]

References
  1. ZDI-19-1006

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 4

Patches: 0. No patches discovered yet.
