cve 2025 59240

About this tag
CVE-2025-59240 is an information-disclosure vulnerability in Microsoft Excel that can expose sensitive local data when a user opens a specially crafted workbook. Microsoft has issued a security update to address the flaw, which requires user interaction and is rated medium severity. Discussions on WindowsForum cover the advisory details, the nature of the vulnerability, and recommended mitigations such as applying the latest patch and exercising caution with untrusted Excel files.
  1. CVE-2025-59240: Excel Information Disclosure Patch and Mitigations

    Microsoft has published an advisory for CVE-2025-59240, an information-disclosure vulnerability in Microsoft Excel that can expose sensitive local data when a user interacts with a specially crafted workbook; Microsoft has issued a security update and describes the flaw as a local...