Full Report
Microsoft has released an out-of-band Office update to fix a known issue that caused Word, Excel, and Outlook to crash after installing the KB5002700 security update for Office 2016. [...]
Analysis Summary
# Vulnerability: Office 2016 Crash Issue Post-Patch Tuesday Update
## CVE Details
- CVE ID: N/A (This is a stability/post-patch regression issue, not a security vulnerability in the traditional sense requiring a CVE assignment, though it followed RCE fixes.)
- CVSS Score: N/A
- CWE: N/A (Likely Configuration/Software Bug)
## Affected Systems
- Products: Microsoft Office 2016
- Versions: Microsoft Installer (.msi)-based edition of Office 2016.
- Configurations: Systems that installed the initial April 8, 2025 Patch Tuesday update (KB5002700).
## Vulnerability Description
Following the installation of the security update KB5002700 released on April 8, 2025, certain installations of Office 2016 experienced severe instability, causing key applications (Microsoft Word, Excel, and Outlook) to stop responding (crash). This appears to be a regression introduced by the preceding security patch.
## Exploitation
- Status: Not applicable (This is a stability/crash issue related to a recent patch rollout, not an external security attack.)
- Complexity: N/A
- Attack Vector: N/A
## Impact
- Confidentiality: None (Indirectly, service disruption)
- Integrity: Minor (Application functionality degradation)
- Availability: High (Word, Excel, and Outlook become unusable)
## Remediation
### Patches
The issue requires the installation of two updates to restore full functionality:
1. **KB5002700** (The initial April 8, 2025 security update).
2. **KB5002623** (The emergency update released April 10, 2025, to fix the crashes caused by KB5002700).
**Note:** KB5002623 only applies to the Microsoft Installer (.msi)-based edition of Office 2016.
### Workarounds
The requirement for end-users is to ensure *both* KB5002700 and the subsequent KB5002623 are installed to resolve the crashing behavior. No specific pre-patch workarounds were detailed for the crashing itself, as the underlying cause was the dependency on the emergency fix.
## Detection
- Indicators of Compromise: Frequent, unexpected crashes of Microsoft Word, Excel, and Outlook on systems known to have installed KB5002700.
- Detection Methods and Tools: Standard system event logging for application crashes related to Office components.
## References
- Vendor Advisories:
- [April 10, 2025 Update for Office 2016 KB5002623](https://support.microsoft.com/en-us/topic/april-10-2025-update-for-office-2016-kb5002623-d60c1f31-bb7c-4426-b8f4-69186d7fc1e5)
- [Description of the security update for Office 2016 April 8, 2025 KB5002700](https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-office-2016-april-8-2025-kb5002700-a117656e-2724-449f-8245-2d5128de1241)
- Relevant links (Defanged):
- hxxps://support.microsoft.com/en-us/topic/april-10-2025-update-for-office-2016-kb5002623-d60c1f31-bb7c-4426-b8f4-69186d7fc1e5
- hxxps://support.microsoft.com/en-us/topic/description-of-the-security-update-for-office-2016-april-8-2025-kb5002700-a117656e-2724-449f-8245-2d5128de1241
- hxxps://www.microsoft.com/en-us/download/details.aspx?id=108113