Microsoft Office zero-day lets malicious documents slip past security checks

Microsoft issued an emergency patch for a high-severity zero-day vulnerability in Office that allows attackers to bypass document security checks and is being exploited in the wild via malicious files. Microsoft pushed the emergency patch for the zero‑day, tracked as CVE-2026-21509, and classifie...

Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation

Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The vulnerability, tracked as CVE-2026-21509 , carries a CVSS score of 7.8 out of 10.0. It has been described as a security feature bypass in Microsoft Office...

Microsoft Issues Patches for In-the-Wild 0-day and 55 Others Windows Bugs

Microsoft on Tuesday issued fixes for 56 flaws, including a critical vulnerability that's known to be actively exploited in the wild. In all, 11 are listed as Critical, 43 are listed as Important, and two are listed as Moderate in severity — six of which are previously disclosed vulnerabilities...

Microsoft Office Patch Installer Has Multiple DLL Loading Remote Code Execution Vulnerabilities

Microsoft Office is a suite of office software based on the Windows operating system developed by Microsoft. Microsoft Office suffers from multiple DLL loading remote code execution vulnerabilities. An attacker could execute arbitrary code in the user environment of the affected application, and ...

PT-2010-1179 · Microsoft · Sql Server +5

Name of the Vulnerable Software and Affected Versions: Microsoft Office versions 2003 SP3, 2007 SP2 and SP3, 2010 SP1 Microsoft SQL Server versions 2000 SP4, 2005 SP4, 2008 SP2, SP3, R2, R2 SP1, and R2 SP2 Microsoft Commerce Server versions 2002 SP4, 2007 SP2, 2009 Gold and R2 Microsoft Host...