CVE-2026-21509 - Geek Feed

Russian hackers exploit recently patched Microsoft Office bug in attacks

February 4, 2026February 4, 2026 geekfeed0Tagged Actively Exploited, APT28, CVE-2026-21509, Microsoft Office, Security Bypass, Ukraine, vulnerability

Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. On January 26, Microsoft released an emergency out-of-band security update marking CVE-2026-21509 as an actively exploited zero-day flaw. CERT-UA detected the distribution of malicious DOC files exploiting the flaw, themed around EU COREPER consultations in […]

2 mins read

Microsoft patches actively exploited Office zero-day vulnerability

January 29, 2026January 29, 2026 geekfeed0Tagged 0day, bypass, CVE-2026-21509, Emergency Update, microsoft, Microsoft Office, Out-of-Band, Security Update, Zero-Day

Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security feature bypass vulnerability, tracked as CVE-2026-21509, affects multiple Office versions, including Microsoft Office 2016, Microsoft Office 2019, Microsoft Office LTSC 2021, Microsoft Office LTSC 2024, and Microsoft 365 Apps for Enterprise (the company’s cloud-based subscription service). […]

4 mins read