Published 1 day ago • loading... • Updated 4 hours ago

Office Zero-Day Exploited, Forces Microsoft OOB Patch

On Monday, Microsoft disclosed CVE-2026-21509 and released emergency out-of-band updates rolling out for Microsoft 365 Apps for Enterprise and multiple Microsoft Office LTSC and perpetual releases.
The flaw bypasses Object Linking and Embedding and COM mitigations, enabling attackers to exploit phishing-style, user-interaction attacks with circulating exploit code, Microsoft said.
Microsoft published Registry mitigation steps to create a COM Compatibility key and set a Compatibility Flags value to 400; Office 2021 and later get auto-protection after restart, but patches for Microsoft Office 2016 and 2019 are pending.
Close all Microsoft Office applications before editing the Windows Registry, back up the Registry to avoid system issues, and after performing the steps, the flaw is mitigated on next Office launch.
Earlier this month, as part of the January 2026 Patch Tuesday, Microsoft fixed 114 flaws including an actively exploited Desktop Window Manager zero-day, and last week it issued other out-of-band fixes while declining to name the vulnerability's discoverer.

Insights by Ground AI

Podcasts & Opinions

Podcast Mention

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Daily Cyber Security podcast

SANS Stormcast Tuesday, January 27th, 2026: PWD scanning; MSFT Office OOB Patch; Exposed Clawdbot

SANS Internet Stormcenter Daily Cyber Security Podcast discusses Microsoft’s emergency patch for a critical Office OLE vulnerability.

14 hours ago

Listen to Full Episode Full Episode Unlock Timestamp

Get Vantage — Podcasts, Ratings, Timestamps

Podcasts & Opinions

13 Articles

The Register

Center

Office zero-day exploited, forces Microsoft OOB patch

: Another actively abused Office bug, another emergency patch – Office 2016 and 2019 users are left with registry tweaks instead of fixes.

5 hours ago

Read Full Article

PC Mag

Lean Left

Emergency Patch Issued for Microsoft Office, 365 Over Hacking Threat

Microsoft suggests the threat is being used in phishing attacks against vulnerable systems since successful exploitation requires local access to the PC.

17 hours ago·United States

Read Full Article

BleepingComputer

Center

Microsoft patches actively exploited Office zero-day vulnerability

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks.

1 day ago

Read Full Article

pcwelt.de

Install Now: Microsoft Office Receives Emergency Patch Due to Zero-Day Vulnerability

Microsoft recently published a security advisory warning of a newly discovered zero-day vulnerability in Office applications. This vulnerability, designated CVE-2026-21509, is rated as "high" risk. According to official information, the flaw can be exploited to bypass security features in various Office versions, including Microsoft Office 2016, 2019, 2021 LTSC, and 2024 LTSC. Users are therefore urged to install the emergency patches provided b…

4 hours ago

Read Full Article

it-daily.net

Microsoft Office: Zero-Day Is Actively Exploited

Microsoft has patched the CVE-2026-21509 vulnerability, which appears to have already been exploited in targeted attacks. Several Office versions are affected. The software group has released security updates for the zero-day gap CVE-2026-21509, which allows attackers to bypass security mechanisms in Office. According to the company's security advice, the vulnerability has already been actively exploited. Discovery by Microsoft researchers thems…

6 hours ago

Read Full Article