virus logo Intrusion Prevention

MS.Office.CVE-2026-21509.Security.Bypass

description-logoDescription

This indicates an attack attempt to exploit a Security Feature Bypass Vulnerability in Microsoft Office.
This vulnerability is due to an error when the vulnerable software handles a maliciously crafted rtf file. A remote attacker could exploit this vulnerability by enticing a target user to open a crafted file. Successful exploitation could result in a bypass of security mechanisms on the vulnerable system.

affected-products-logoAffected Products

Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2024 for 32-bit editions
Microsoft Office LTSC 2024 for 64-bit editions
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2026-02-05 35.164
Modified
 Default_action:pass:drop
2026-01-28 35.159
New

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509
ID 60111
Created Jan 28, 2026
Updated Feb 04, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 6.58%
Default Action drop
Active
Affected OS Windows
Affected App MS_Office
Profile Type Permission/Privilege/Access Control