All articles tagged with #microsoft office
Russia-linked APT28 is exploiting CVE-2026-21509 in Microsoft Office as part of Operation Neusploit, delivering two droppers through malicious RTFs: MiniDoor, an Outlook email stealer, and PixyNetLoader, which loads Covenant Grunt via a steganography-delivered shellcode loader; attacks target Ukraine, Slovakia, and Romania with region- and UA-based checks, and show overlaps with earlier Phantom Net Voxel activity.
Russian-linked APT28 is exploiting a patched Microsoft Office zero-day (CVE-2026-21509) to attack Ukraine and EU government targets, deploying malicious Word documents that trigger a WebDAV download chain and COM hijacking to load Covenant via EhStoreShell.dll and a hidden image payload, with C2 through Filen cloud storage. The campaign, which impersonated entities like Ukraine's Hydrometeorological Center and EU COREPER, appears broader than Ukraine. Patch all affected Office versions promptly and restart apps after updates; if patching isn't possible, apply registry mitigations; Defender's Protected View provides additional defense against Internet-origin Office files.
Microsoft Office Professional 2021 for Windows is available as a lifetime license for $34.97 (deal through Feb. 22), granting eight apps—Word, Excel, Outlook, PowerPoint, Teams, OneNote, Access, and Publisher—and the ability to use them offline on Windows 10/11.
Microsoft issued an out-of-band fix for a high-severity Office zero-day (CVE-2026-21509) that enables a local security feature bypass when users open a specially crafted Office file; exploitation requires user interaction, and the Preview Pane is not a vector. Office 2021+ patches will apply automatically with a service-side change but require restarting Office apps, while Office 2016/2019 users must install specific updates. A registry workaround is provided as mitigation. The flaw has been added to the CISA Known Exploited Vulnerabilities catalog, with federal agencies required to patch by February 16, 2026. Credit goes to MSTIC, MSRC, and the Office security team.
Microsoft issued emergency out-of-band security updates to fix a high-severity Office zero-day (CVE-2026-21509) being actively exploited. The flaw affects multiple Office versions, including 2016, 2019, LTSC 2021/2024, and Microsoft 365 Apps for Enterprise, with patches for 2016/2019 not yet available. Exploitation requires user interaction via a malicious Office file, bypassing OLE mitigations. Office 2021+ will be protected via a service-side change (restart required). For older Office versions, Microsoft provides mitigations, including registry changes, to reduce exploitation risk. Additional related fixes were noted from January 2026 Patch Tuesday.
Microsoft Office Professional 2021 for Windows is available for a limited time at a one-time price of $34.97, offering a lifetime license to essential apps like Word, Excel, PowerPoint, and more, with no recurring fees or subscriptions.
Microsoft Office Home & Business 2021 is on sale for $49.97, offering a lifetime license for essential Office apps like Word, Excel, PowerPoint, Outlook, Teams, and OneNote, with no recurring subscription fees.
A limited-time offer allows users to purchase the Microsoft Office Professional 2021 suite for a one-time payment of $34.97, providing lifetime access to essential productivity apps like Word, Excel, PowerPoint, and more, without subscription fees.
You can upgrade an old Windows PC with a Microsoft Office Professional 2021 license for just $34.97, significantly discounted from the regular price of $219.99, providing essential productivity tools for both personal and professional use.
You can upgrade your Mac's productivity with a lifetime license for Microsoft Office Home and Business for Mac 2021, now available for $49.97, offering six essential apps without subscription fees, compatible with macOS 14 or later.
You can now buy a lifetime license for Microsoft Office Professional 2021 for Windows at a discounted price of $39.97, down from $219.99, offering access to eight essential productivity apps for less than $7 each.
Microsoft released updates fixing 172 security flaws in Windows, including active zero-day exploits, and announced the end of support for Windows 10, offering options like extended security updates or switching to Linux for continued use. Notable vulnerabilities include a long-standing modem driver issue and a critical flaw in Windows Server Update Service, with Windows 10 support ending and other Microsoft products being sunsetted.
Microsoft Office Professional 2021 for Windows is available for a limited time at $49.97, offering a lifetime license with all essential apps, no subscription fees, and offline use, making it a cost-effective solution for personal and professional productivity.
A limited-time offer allows you to purchase a lifetime license to Microsoft Office Professional 2021 for $39.97, including eight essential apps, with the deal ending on September 14.
Iran launched a missile strike hitting a tech park housing a Microsoft office in Beer Sheva, Israel, causing property damage, minor injuries, and fires, following a recent attack on a hospital in southern Israel.