- Microsoft releases emergency patch for Office Zero-Day CVE-2026-21509
- Vulnerability allows attackers to bypass OLE mitigations and execute malware
- CISA adds vulnerability to KEV catalog; exploitation details remain confidential
Microsoft has released an emergency patch to address a high-severity Office vulnerability that is being exploited in the wild as a zero-day.
The bug is described as a security bypass flaw: “Using untrusted input in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally,” explains the National Vulnerability Database (NVD).
In other words, Office was making security decisions based on information that could not be fully trusted, a weakness that cybercriminals exploited to run malware, steal login credentials, and move laterally across the network.
How to fix and work around the bug
The vulnerability has been rumored to be actively exploited in the wild, and the US Cybersecurity and Infrastructure Security Agency (CISA) has already added it to its catalog of Known Exploited Vulnerabilities (KEV).
However, Microsoft did not specify who the threat actors or the victims were. We also don’t know the scope of the campaign, or whether it has resulted in significant data theft or ransomware attacks.
The bug is tracked as CVE-2026-21509 and received a severity score of 7.8/10 (high).
“This update addresses a vulnerability that bypasses OLE mitigations in Microsoft 365 and Microsoft Office, which protect users from vulnerable COM/OLE controls,” Microsoft said in a security advisory.
Users running Office 2021 and later don’t need to do anything other than restart their Office applications, as the fix will be applied on the server side. Those running Office 2016 and 2019 will need to install these updates:
- Microsoft Office 2019 (32-bit edition) – 16.0.10417.20095
- Microsoft Office 2019 (64-bit edition) – 16.0.10417.20095
- Microsoft Office 2016 (32-bit edition) – 16.0.5539.1001
- Microsoft Office 2016 (64-bit edition) – 16.0.5539.1001
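The following is an added example, not code from Microsoft or the original article: a small triage script that checks a software inventory against the builds listed above. The inventory format, host names and sample installed versions are constructed, and treating the listed builds as minimum fixed versions is an assumption.

```python
import csv
import io
import re

# Builds from the list above (identical for 32-bit and 64-bit editions).
# Assumption: any installed build at or above these carries the fix.
FIXED_BUILDS = {
    "Office 2019": (16, 0, 10417, 20095),
    "Office 2016": (16, 0, 5539, 1001),
}

# Constructed sample inventory: host names and installed versions are made up.
SAMPLE_INVENTORY = """\
host,product,version
ws-001,Office 2019,16.0.10417.20095
ws-002,Office 2019,16.0.10416.20058
ws-003,Office 2016,16.0.5539.1001
ws-004,Office 2016,16.0.5530.1000
ws-005,Office 2021,16.0.14332.20000
ws-006,Office 2016,unknown
"""

def parse_version(text):
    """Turn '16.0.5539.1001' into a tuple of ints; return None if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def triage(inventory_csv):
    """Map each host to 'patched', 'needs-update', 'restart-only' or 'unknown'."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        host, product = row["host"].strip(), row["product"].strip()
        year = re.search(r"\b(20\d{2})\b", product)
        if year and int(year.group(1)) >= 2021:
            # Per the article, Office 2021 and later only need an app restart.
            results[host] = "restart-only"
            continue
        fixed = FIXED_BUILDS.get(product)
        installed = parse_version(row["version"])
        if fixed is None or installed is None:
            results[host] = "unknown"
        elif installed >= fixed:  # numeric, field-by-field tuple comparison
            results[host] = "patched"
        else:
            results[host] = "needs-update"
    return results

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Versions are compared as integer tuples per product line because a plain string comparison would rank 16.0.5539.1001 above 16.0.10417.20095.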
Those who cannot install the patches should make changes to the Windows registry as a mitigation. Microsoft has provided a step-by-step guide, available at this link.
Via Hacker news




