When it comes to news about Microsoft Office, it’s probably fair to say that it’s usually about aspects that users have mixed feelings about, such as the addition of overbearing AI tools or changes to the interface, but two brief announcements from Redmond are likely to be welcomed by everyone. That’s because they’re about fixes for critical security vulnerabilities.
With the catchy codenames of CVE-2026-26110 and CVE-2026-26113, these issues potentially allow anyone with local access to Office to execute whatever code they like. Both have a common vulnerability and exposure rating of 8.4 and 7.3 for base and temporal scores, which puts them firmly in the ‘critical’ zone for severity.
Article continues below
While the inclusion of Copilot doesn’t bother me, as I can simply ignore it or even disable the option, other changes make me rue the day I purchased a 365 subscription. Take Outlook, for example. What used to be my de facto email client for countless years has been slowly turned into a clunky, confusing, feature-fudge mess of a program, and I only use it begrudgingly and sparingly now.
If some hacker ever decides to make an exploit that turns the current version of Outlook back to the app it used to be in its heyday, that would be one vulnerability I wouldn’t want to see patched.
Best PC gaming kit 2026
Software#Microsoft #announces #Office #critical #security #vulnerabilities #here039s #find #patches #fix1773233925
