Legacy Office components are still the weakest link in your suite. ποΈ
CVE-2026-21514 Β· Severity 7.8 Β· Active bypass of OLE mitigations in Microsoft 365.
We are seeing attackers use crafted Word documents to bypass standard OLE security prompts. This allows malicious COM controls to execute with minimal user interaction on @[Microsoft](urn:li:organization:1035) Office.
Attackers are now focusing on these older protocols because they are often overlooked by modern defenses. We’ve seen this used in targeted phishing against executive leadership teams.
The uncomfortable truth: Your modern cloud security stack is only as strong as the legacy protocols it still supports.
β Patch all Microsoft 365 and Office installations with the February 2026 updates.
β Disable OLE object execution in Office via Group Policy for non-essential users.
β Audit your email sandbox logs for files that attempt to trigger OLE protocol handlers.
Do you know which departments in your organization still rely on legacy OLE functionality? π
#CloudSecurity #DataPrivacy #SecurityOperations #CyberRisk #vCISO #CodeDefence