Mark0

Microsoft releases update to address zero-day vulnerability in Microsoft Office

Microsoft released three out-of-band (OOB) updates in January 2026 to address a critical zero-day vulnerability, identified as CVE-2026-21509. The vulnerability is a security feature bypass in Microsoft Office that has reportedly been exploited in the wild. Because of this active exploitation, it has been added to the CISA Known Exploited Vulnerabilities (KEV) list.

The vulnerability is rated as "Important" with a CVSS score of 7.8 and requires an attacker to convince a victim to open a malicious document, as it cannot be triggered through the Preview Pane. In response, Cisco Talos has released Snort rules and ClamAV signatures to detect exploitation attempts. Organizations are urged to apply these updates to resolve both security risks and operational issues resulting from previous patch cycles.

