Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted being exploited in the wild in zero-day attacks. Users and admins are advised to review the associated advisory and to implement updates or mitigations as soon as possible. About CVE-2026-21509 CVE-2026-21509 stems from reliance on untrusted inputs in a security decision in Microsoft Office, which allows unauthorized attackers to bypass a security feature … More
The post Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509) appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: