A vulnerability was identified in Microsoft Office. An attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Note: CVE-2026-21509 is being exploited in the wild. Reliance on untrusted inputs in a security decision in Microsoft Office... Impact Security Restriction Bypass System / Technologies affected Microsoft 365 Apps for Enterprise Microsoft Office 2016 Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office LTSC 2024 Solutions Before installation of the software, please visit the software vendor web-site for more details. Customers running Office 2021 and later will be automatically protected via a service-side change, but will be required to restart their Office applications for this to take effect. Customers running Office 2016 and 2019 are not protected until they install the security update. Customers on these versions can apply the registry keys described as follows to be immediately protected. Please refer to the below link for the steps. Apply fixes or mitigations issued by the vendor: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509