
The Pakistan Telecommunication Authority (PTA) has issued a high-level cyber security alert for users in Pakistan regarding security vulnerabilities in Microsoft Office and SharePoint products.
In its Cyber Security Advisory No. 368, which covers a wide range of Microsoft Office applications, PTA said that system administrators and users need to take immediate action to protect their systems.
Microsoft Office is used on a daily basis to edit documents, handle spreadsheets, and create presentations in business and education.
However, the recent flaws discovered in at least three Microsoft Office products, including Excel, Visio and SharePoint, present a potential risk to system controls and sensitive information, as hackers may be able to control affected systems or extract sensitive data from them.
Although the PTA did not specify threats in the advisory, these vulnerabilities may be "high severity" threats that could permit attackers to execute malicious code or run exploits in an environment with the permissions granted there.
Affected Microsoft Office software
The affected software products include:
- Microsoft 365 Apps for Enterprise (16.0.1)
- Microsoft Office 2019 (19.0.0)
- Microsoft Office LTSC 2021 & 2024
- Microsoft SharePoint Server 2019 & Enterprise Server 2016
Microsoft Office vulnerabilities
Three vulnerabilities were discussed in the advisory:
- Visio (CVE-2024-43505): May allow an attacker to execute code via crafted content supplied to the product.
- Excel (CVE-2024-43504): Could be triggered remotely due to a memory issue.
- SharePoint (CVE-2024-43503): May be subject to privilege escalation by a signed-in user.
The PTA has called upon all users in Pakistan to immediately update their Microsoft apps so that they do not become a local attack surface.
These flaws are especially dangerous for organisations handling private data, as they give cyber attackers a chance to move deeper into systems.
To stay protected, PTA recommends using the Microsoft Security Update Guide and installing all the latest patches.