Microsoft has released security updates to address a critical vulnerability affecting multiple products. The vulnerability could allow remote code execution.
Microsoft has released security updates to address CVE-2026-41636, a critical vulnerability affecting multiple Microsoft products. The vulnerability could allow an attacker to execute arbitrary code with elevated privileges.
Affected Products:
- Windows 10 (Version 1903 and later)
- Windows 11 (All versions)
- Microsoft Office 2019 and 2021
- Microsoft 365 Apps
- Microsoft Edge (Chromium-based)
The vulnerability has been assigned a CVSS score of 8.8, indicating high severity. Exploitation of this vulnerability could allow an attacker to take control of an affected system.
Microsoft has released security updates for all affected products. Organizations should apply these updates immediately. The updates are available through the Microsoft Security Response Center portal and Windows Update.
Workarounds:
- Enable Enhanced Mitigation Experience Toolkit (EMET)
- Configure Microsoft Office to run as a protected process
- Implement network segmentation to limit access to vulnerable systems
Microsoft has not detected any active exploitation of this vulnerability in the wild. However, the company urges customers to apply the updates as soon as possible.
For more information, visit the Microsoft Security Response Center and review the Security Update Guide for detailed instructions.
Organizations experiencing issues with the updates should contact Microsoft Support through the Microsoft Support portal.
Comments
Please log in or register to join the discussion