top of page
perceptive_background_267k.jpg

Microsoft patches actively exploited Office zero-day vulnerability

Published:

26 januari 2026 om 18:20:35

Alert date:

26 januari 2026 om 19:02:16

Source:

bleepingcomputer.com

Click to open the original link from this advisory

Enterprise Applications, Zero-Day Vulnerabilities

Microsoft has released emergency security updates to address a high-severity zero-day vulnerability in Microsoft Office that is being actively exploited in attacks. The vulnerability poses significant risk to organizations using Office products and requires immediate patching to prevent exploitation.

Technical details

High-severity Microsoft Office zero-day vulnerability that is a security feature bypass flaw. The vulnerability bypasses OLE mitigations in Microsoft 365 and Microsoft Office which protect users from vulnerable COM/OLE controls. It involves reliance on untrusted inputs in a security decision in Microsoft Office, allowing unauthorized attackers to bypass a security feature locally. The preview pane is not an attack vector, but unauthenticated local attackers can exploit the vulnerability through low-complexity attacks that require user interaction. Attackers must send a user a malicious Office file and convince them to open it.

Mitigation steps:

Apply emergency out-of-band security updates from Microsoft immediately. For Office 2016 and 2019 users (where patches are not yet available), implement registry mitigation: 1) Close all Microsoft Office applications 2) Create Windows Registry backup 3) Open Registry Editor (regedit.exe) 4) Navigate to appropriate COM Compatibility registry key path 5) Create new key named {EAB22AC3-30C1-11CF-A7EB-0000C05BAE0B} 6) Create new DWORD (32-bit) Value named 'Compatibility Flags' 7) Set the value data to '400'. Exercise caution when opening Office files from untrusted sources.

Affected products:

Microsoft Office 2016
Microsoft Office 2019
Microsoft Office LTSC 2021
Microsoft Office LTSC 2024
Microsoft 365 Apps for Enterprise

Related links:

http://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509
https://support.microsoft.com/en-us/help/322756/how-to-back-up-and-restore-the-registry-in-windows
https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-oob-windows-updates-to-fix-shutdown-cloud-pc-bugs/
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-oob-update-to-fix-outlook-freezes/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page