Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks

Posted on By CWS

Microsoft has launched patches for CVE-2026-21509, a newly disclosed Workplace zero-day vulnerability that may be exploited to bypass security measures.

The tech large’s advisory for CVE-2026-21509 mentions that it’s conscious of lively exploitation. 

The vulnerability and the in-the-wild assaults had been found by Microsoft’s personal safety researchers, however the firm has but to share any data on the malicious exercise.

In line with Microsoft’s description of the zero-day, “Reliance on untrusted inputs in a safety resolution in Microsoft Workplace permits an unauthorized attacker to bypass a safety function domestically.”

The corporate additionally clarified that the vulnerability “bypasses OLE mitigations in Microsoft 365 and Microsoft Workplace which shield customers from susceptible COM/OLE controls”.

Exploitation requires the attacker to persuade the focused person to open a malicious Workplace file. Commercial. Scroll to proceed studying.

The requirement for social engineering, mixed with the exploit’s complexity and the potential want for a multi-stage assault chain, signifies that this zero-day is getting used for focused espionage or different high-value operations relatively than broad, opportunistic campaigns.

SecurityWeek has reached out to Microsoft for extra data and can replace this text if the corporate responds.

Microsoft has launched patches for all affected variations of Workplace, together with 2016, 2019, LTSC 2024, LTSC 2021, and Microsoft 365 Apps for Enterprise.

Mitigations are additionally obtainable for customers who can’t instantly replace their Workplace installations. 

The cybersecurity company CISA has added CVE-2026-21509 to its Recognized Exploited Vulnerabilities (KEV) catalog, instructing authorities organizations to deal with it by February 16.

Microsoft’s January 2026 Patch Tuesday updates resolved greater than 110 vulnerabilities, together with a Home windows zero-day whose exploitation was found by the seller’s personal researchers. No data has been shared on these assaults both. 

Associated: Microsoft Patches 57 Vulnerabilities, Three Zero-Days

Associated: RedVDS Cybercrime Service Disrupted by Microsoft and Legislation Enforcement

Associated: New ‘Reprompt’ Assault Silently Siphons Microsoft Copilot Information

Security Week News Tags:, , , , , ,

Related Posts

Alumni, Student, and Staff Information Stolen From Harvard University Alumni, Student, and Staff Information Stolen From Harvard University Security Week News
480,000 Catholic Health Patients Impacted by Serviceaide Data Leak 480,000 Catholic Health Patients Impacted by Serviceaide Data Leak Security Week News
Security Analytics Firm Vega Emerges From Stealth With M in Funding  Security Analytics Firm Vega Emerges From Stealth With $65M in Funding  Security Week News
All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher Security Week News
In Other News: Scammers Abuse Grok, US Manufacturing Attacks, Gmail Security Claims Debunked In Other News: Scammers Abuse Grok, US Manufacturing Attacks, Gmail Security Claims Debunked Security Week News
ICS Patch Tuesday: Major Vendors Address Code Execution Vulnerabilities ICS Patch Tuesday: Major Vendors Address Code Execution Vulnerabilities Security Week News