Tech Desk 
May 14, 2025
In a bid to prevent potential cyberattacks, the Pakistan Telecommunication Authority (PTA) has issued an advisory highlighting critical vulnerabilities in Microsoft office suite used across businesses and government systems in Pakistan.
The warning comes in the wake of rising tensions with the neighbouring country India, which whom there had been a military clash.
The affected products include Microsoft 365 Apps for Enterprise, Microsoft Office 2019, Office LTSC 2021 and 2024, and several versions of Microsoft SharePoint Server.
These loopholes are likely to allow hackers to execute malicious code or access systems, which might pose serious risks to both individuals and organisations.
According to the PTA advisory, the flaws are linked to specific components within the software suite:
- Visio (CVE-2024-43505) may allow remote code execution through crafted files.
- Excel (CVE-2024-43504) has a “use-after-free” bug that can also lead to code execution.
- SharePoint (CVE-2024-43503) allows authenticated attackers to escalate privileges using malicious requests.
The PTA has dubbed these threats “high severity,” urging immediate action to avoid being targeted.
Delaying software updates, the advisory added, could open doors to targeted cyberattacks, particularly in environments where sensitive data is contained.
