Published on February 11, 2026
Microsoft Office Word 0-Day Vulnerability Enables Attackers to Bypass Security Feature
Severity
High
Microsoft has announced a zero-day vulnerability in Microsoft Office Word that enables attackers to bypass built-in security protections. Tracked as CVE-2026-21514, the issue was formally documented on February 10, 2026, and presents considerable risk to users globally.
CVE-2026-21514 is categorized as a Security Feature Bypass vulnerability within Microsoft Word. The root cause lies in the application’s reliance on untrusted input when making security-related decisions, which falls under CWE-807.
Because of this weakness, unauthorized attackers may be able to circumvent safeguards designed to block malicious behavior. The vulnerability is rated “Important” and has a CVSS score of 7.8, reflecting a high level of risk. It is especially concerning because exploitation has already been observed in real-world attacks, and details about the flaw were made public before patches were broadly deployed.
| Attribute | Details |
| CVE ID | CVE-2026-21514 |
| Impact | Security Feature Bypass |
| CVSS Score | 7.8 |
| Attack Vector | Local |
| Privileges Required | None |
| User Interaction | Required |
| Exploitation Status | Actively Exploited |
Exploitation requires local access and is considered low in complexity. Attackers do not need elevated privileges, but user interaction is necessary, typically when a victim opens a malicious Word document.
Successful exploitation could significantly affect confidentiality, integrity, and availability. Microsoft’s exploitability assessment confirms that functional exploit code exists and that active abuse has been detected in the wild.
Recommendation
An official security update has been released to remediate the issue. Microsoft strongly advises organizations and individual users to apply the latest patches through the Microsoft Security Update Guide without delay.
In addition, users should remain cautious when opening Word documents from unknown or untrusted sources. Administrators are encouraged to prioritize patch deployment across endpoints and strengthen defensive measures, including email filtering controls and user awareness training.
Source