Legacy OLE components are the weakest link in your Office suite. ποΈ
CVE-2026-21514 Β· Severity 7.8 Β· Active bypass of OLE mitigations in @[Microsoft](urn:li:organization:1035) Word.
We are seeing attackers use crafted Word documents to bypass the OLE mitigations designed to protect users from malicious controls. This vulnerability is being actively exploited to achieve code execution when a user opens a compromised Office file.
This flaw is particularly dangerous because it bypasses the protections that users have come to expect in modern @[Microsoft](urn:li:organization:1035) 365 environments. While the Preview Pane is not affected, the act of opening a document is enough to initiate the compromise.
The uncomfortable truth: Your modern cloud security stack is only as strong as the legacy protocols it still supports.
β Patch all Microsoft 365 and Office installations with the latest February updates.
β Disable the execution of OLE objects via Group Policy for users who do not require it.
β Audit your email sandbox logs for Word documents attempting to trigger legacy COM controls.
Do you know which departments in your organization still rely on legacy OLE functionality? π
#Cybersecurity #DataPrivacy #VulnerabilityManagement #CyberRisk #vCISO #CodeDefence