Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks

Posted on By CWS

Microsoft has launched patches for CVE-2026-21509, a newly disclosed Workplace zero-day vulnerability that may be exploited to bypass security measures.

The tech large’s advisory for CVE-2026-21509 mentions that it’s conscious of lively exploitation. 

The vulnerability and the in-the-wild assaults had been found by Microsoft’s personal safety researchers, however the firm has but to share any data on the malicious exercise.

In line with Microsoft’s description of the zero-day, “Reliance on untrusted inputs in a safety resolution in Microsoft Workplace permits an unauthorized attacker to bypass a safety function domestically.”

The corporate additionally clarified that the vulnerability “bypasses OLE mitigations in Microsoft 365 and Microsoft Workplace which shield customers from susceptible COM/OLE controls”.

Exploitation requires the attacker to persuade the focused person to open a malicious Workplace file. Commercial. Scroll to proceed studying.

The requirement for social engineering, mixed with the exploit’s complexity and the potential want for a multi-stage assault chain, signifies that this zero-day is getting used for focused espionage or different high-value operations relatively than broad, opportunistic campaigns.

SecurityWeek has reached out to Microsoft for extra data and can replace this text if the corporate responds.

Microsoft has launched patches for all affected variations of Workplace, together with 2016, 2019, LTSC 2024, LTSC 2021, and Microsoft 365 Apps for Enterprise.

Mitigations are additionally obtainable for customers who can’t instantly replace their Workplace installations. 

The cybersecurity company CISA has added CVE-2026-21509 to its Recognized Exploited Vulnerabilities (KEV) catalog, instructing authorities organizations to deal with it by February 16.

Microsoft’s January 2026 Patch Tuesday updates resolved greater than 110 vulnerabilities, together with a Home windows zero-day whose exploitation was found by the seller’s personal researchers. No data has been shared on these assaults both. 

Associated: Microsoft Patches 57 Vulnerabilities, Three Zero-Days

Associated: RedVDS Cybercrime Service Disrupted by Microsoft and Legislation Enforcement

Associated: New ‘Reprompt’ Assault Silently Siphons Microsoft Copilot Information

Security Week News Tags:, , , , , ,

Related Posts

Major Cybersecurity Updates: Arrests, Vulnerabilities, and Policy Shifts Major Cybersecurity Updates: Arrests, Vulnerabilities, and Policy Shifts Security Week News
PromptLock Only PoC, but AI-Powered Ransomware Is Real PromptLock Only PoC, but AI-Powered Ransomware Is Real Security Week News
Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication Security Week News
Malicious Chrome Extensions Compromise User Data Malicious Chrome Extensions Compromise User Data Security Week News
Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets Security Week News
Armenian Man Extradited to US Over Ryuk Ransomware Attacks Armenian Man Extradited to US Over Ryuk Ransomware Attacks Security Week News