A vulnerability in Microsoft Office has been identified, enabling attackers to bypass security policies. The flaw, designated CVE-2026-21509, is actively exploited, according to Microsoft’s security bulletin. Affected systems include Microsoft 365 Apps for Enterprise (32-bit and 64-bit), Microsoft Office 2016 and 2019 (32-bit and 64-bit), and Office LTSC 2021 and 2024 editions. Users are advised to consult Microsoft’s security update guide for patches. The vulnerability was reported in a January 26, 2026, bulletin and is documented under CERTFR-2026-AVI-0089. Immediate mitigation is recommended to prevent potential security breaches.
Summary of content from
https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0089/
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.