Microsoft rushed an emergency Patch Tuesday fix after a new Office zero-day began spreading in active attacks. CISA warns ...

Microsoft released out-of-band patches for an actively exploited Microsoft Office zero-day, CVE-2026-21509, a security ...

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...

A joint investigation by the Microsoft Threat Intelligence Center and Microsoft Security Response Center found that a zero-day vulnerability in the Windows Common Log File System had been exploited by ...

Microsoft released patches for CVE-2026-21509, a new Office zero-day vulnerability that can be exploited to bypass security ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, May 15, 2025: This story, originally published May 14, ...

Another actively abused Office bug, another emergency patch – Office 2016 and 2019 users are left with registry tweaks instead of fixes. Updated Microsoft has issued an emergency Office patch after ...

Microsoft releases an urgent out-of-band update for a critical Office zero-day flaw already exploited in real-world attacks.

Two Windows vulnerabilities—one a zero-day that has been known to attackers since 2017 and the other a critical flaw that Microsoft initially tried and failed to patch recently—are under active ...