Tag
medium
threat
CVE-2026-41102: Microsoft PowerPoint Improper Access Control Vulnerability Leading to Local Spoofing
2 rules 1 TTP 1 CVECVE-2026-41102 is an improper access control vulnerability in Microsoft Office PowerPoint that allows an authorized attacker to perform spoofing locally.
Office PowerPoint
access-control
spoofing
ms-office
2r
1t
1c
high
advisory
Persistence via Microsoft Office Add-Ins File Creation
2 rules 1 TTPThis rule detects attempts to establish persistence on Windows endpoints by abusing Microsoft Office add-ins through the creation of malicious files in Office startup directories.
Microsoft Office AddIns +4
persistence
ms-office
add-ins
windows
2r
1t