Microsoft Patch Day: Attackers exploit Windows and Word vulnerabilities
Important security updates have been released for Exchange Server, Hyper-V, Office, and Windows, among others. There are already attacks.
Currently, attackers are exploiting a total of six vulnerabilities in Internet Explorer, Windows, and Word. In the worst-case scenario, malicious code can get onto PCs, and attackers can gain full control. To protect systems from attacks, admins must ensure that Windows Update is active and that the latest security patches are installed. Microsoft is not currently providing details on the extent of the attacks.
Ongoing Attacks
Attackers are bypassing the SmartScreen protection mechanism (CVE-2026-21510, “high”) in the context of Windows Shell, for example. This mechanism warns before potentially dangerous applications are opened. If this filter is deactivated, malicious apps could launch without warning. For such an attack to succeed, however, a victim must cooperate and open a link prepared by an attacker.
In the case of a Word vulnerability (CVE-2026-21514, “high”), victims must also open a manipulated document. This is followed by the execution of malicious code. The remaining exploited vulnerabilities affect Desktop Windows Manager (CVE-2026-21519, “high”), Windows Remote Desktop (CVE-2026-21533, “high”), Internet Explorer (CVE-2026-21513, “high”), and Windows Remote Access (CVE-2026-21525, “medium”). Successful attacks in these cases lead to crashes (DoS) or give attackers higher user privileges.
Further Security Issues
Microsoft has also closed vulnerabilities in Azure, GitHub Copilot, Defender, and Windows NTLM, among others. Through these, malicious code can reach systems, and information can also leak.
Microsoft lists further information on the vulnerabilities and updates in the Security Update Guide.
(des)