You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
av local
About this tag
The tag 'av local' on WindowsForum.com covers discussions about the CVSS Attack Vector (AV) designation 'Local' in vulnerability scoring, particularly in the context of Microsoft Word remote code execution flaws like CVE-2025-62558. Posts clarify that while a vulnerability may be described as remote code execution, its CVSS vector can be AV:L (Local) because the code executes within a local process on the endpoint. The tag helps users understand how Microsoft's advisory and CVSS scoring complement each other, distinguishing between the impact of an exploit and the location of code execution. This is relevant for security professionals and IT administrators interpreting vulnerability reports and prioritizing patches.
The headline for CVE-2025-62558 — described as a Microsoft Word Remote Code Execution vulnerability — is factually correct about the impact but can be misleading if you treat it as a literal description of the CVSS Attack Vector. Microsoft’s advisory and the CVE title signal that an off‑host...