BackBox.org News
  • BackBox.org
  • Linux
  • Community
  • News
  • Services
  • Sitemap
  • Contact
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu
Microsoft releases update to address zero-day vulnerability in Microsoft Office

Microsoft releases update to address zero-day vulnerability in Microsoft Office

January 29, 2026/in Company Blogs
  • Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office that has been reportedly exploited in the wild. 
  • Additional OOB updates have been published to resolve operational issues experienced following installation of the updates released as part of the standard Microsoft Patch Tuesday process.

Microsoft releases update to address zero-day vulnerability in Microsoft Office

CVE-2026-21509 was published to address a security feature bypass vulnerability affecting Microsoft Office. This vulnerability was rated as “Important” and received a CVSS 3.1 score of 7.8. This vulnerability is considered “local,” meaning that it must be triggered by an attacker with access to an affected system, or by convincing a victim to open a malicious Office document that triggers the vulnerability. It has also been added to the CISA Known Exploited Vulnerabilities (KEV) list. Microsoft reports that this vulnerability cannot be triggered via the Preview Pane in Microsoft Office. Microsoft has also released mitigation guidance for CVE-2026-21509 as part of this advisory.  

In response to these vulnerability disclosures, Talos is releasing a new SNORT® ruleset that detects attempts to exploit some of them. Please note that additional rules may be released at a future date, and current rules are subject to change pending additional information. Cisco Security Firewall customers should use the latest update to their ruleset by updating their SRU. Open-source Snort Subscriber Ruleset customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org. 

Snort2 rules included in this release that protect against the exploitation of many of these vulnerabilities are: 65823-65830.  

The following Snort3 rules are also available: 301384-301387. 

The following ClamAV signature has been released to detect activity associated with this vulnerability: 

  • Rtf.Exploit.CVE_2026_21509-10059214-0 

Cisco Talos Blog – ​Read More

Share this entry
  • Share on Facebook
  • Share on X
  • Share on WhatsApp
  • Share on LinkedIn
  • Share on Vk
  • Share on Reddit
  • Share by Mail
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png 0 0 admin https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png admin2026-01-29 16:06:392026-01-29 16:06:39Microsoft releases update to address zero-day vulnerability in Microsoft Office
Search Search
Copyright © BackBox.org
  • Link to X
  • Link to Facebook
  • Link to LinkedIn
  • Link to Youtube
  • Link to Telegram
Link to: LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’ Link to: LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’ LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’ Link to: Cyberattack on large Russian bread factory disrupts supply deliveries Link to: Cyberattack on large Russian bread factory disrupts supply deliveries Cyberattack on large Russian bread factory disrupts supply deliveriesCyberattack on large Russian bread factory disrupts supply deliveries
Scroll to top Scroll to top Scroll to top