Microsoft Releases Update to Address Zero-Day Vulnerability in Microsoft Office

Microsoft releases update to address zero-day vulnerability in Microsoft Office

Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office that has been reportedly exploited in the wild. This article has been indexed from Cisco Talos Blog Read the original article: Microsoft releases update to address zero-day vulnerability in Microsoft Office The post Microsoft releases update to address zero-day …

Microsoft Office zero-day lets malicious documents slip past security checks

Microsoft issued an emergency patch for a high-severity zero-day vulnerability in Office that allows attackers to bypass document security checks and is being exploited in the wild via malicious files. Introduction to …

Kaspersky Commentary - Zero-day vulnerability in Microsoft Office

Yesterday, Microsoft released a patch to a zero-day vulnerability in Microsoft Office that received a code CVE-2026-21509. It's a high-severity vulnerability affecting Office 2016, 2019, and Microsoft 365 Apps for Enterprise. Boris Larin, principal security researcher at Kaspersky GReAT comments: While details remain limited, Microsoft's guidance indicates that this vulnerability is triggered when a user opens a specially crafted Microsoft Offic…

Microsoft 365: Urgent Security Fixes

Microsoft expert outlines Three Sixty Five security fixes to lock Exchange Online, Teams, QR auth and Business Premium M365 Security Fixes: This summary condenses a how-to session that shows simple, high-impact steps you can apply now to harden a Microsoft 365 tenant.Focus first on emergency patches, multi-factor authentication, and basic conditional access controls to reduce immediate risk. CVE-2026-21509: A confirmed zero-day that lets attack…