TheRetroArcade
Veteran
Posts: 1,989
Joined: Feb 2026
Joined: Feb 2026
Both also require local access to exploit, so while they're bad, they're not super bad.
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
When it comes to news about Microsoft Office, it's probably fair to say that it's usually about aspects that users have mixed feelings about, such as the addition of overbearing AI tools or changes to the interface, but two brief announcements from Redmond are likely to be welcomed by everyone. That's because they're about fixes for critical security vulnerabilities.
With the catchy codenames of CVE-2026-26110 and CVE-2026-26113, these issues potentially allow anyone with local access to Office to execute whatever code they like. Both have a common vulnerability and exposure rating of 8.4 and 7.3 for base and temporal scores, which puts them firmly in the 'critical' zone for severity.
The good news is that there are already patches from Microsoft to resolve the problems: just scroll down the relevant pages (use the links above) for the vulnerabilities until you see the list of Office versions. Note that the oldest one listed is 2016, as official support for anything before that one has ended (e.g. Office 2013 reached EOL in 2023).
It's also good news that any exploits that could take advantage of an unpatched copy of Office require local access, so you shouldn't have to worry about what some random person in a hoodie, sitting in a dark room staring at Matrix-like code on a laptop, will be able to do to your PC over the internet. Well, at least not through these vulnerabilities, at least.
Security issues are so commonplace these days, I can't imagine anyone even batting an eyelid at the above, and when it comes to Office in general, I suspect people are more likely to be concerned by Microsoft's seemingly random approach to progressing its productivity suite.
While the inclusion of Copilot doesn't bother me, as I can simply ignore it or even disable the option, other changes make me rue the day I purchased a 365 subscription. Take Outlook, for example. What used to be my de facto email client for countless years has been slowly turned into a clunky, confusing, feature-fudge mess of a program, and I only use it begrudgingly and sparingly now.
If some hacker ever decides to make an exploit that turns the current version of Outlook back to the app it used to be in its heyday, that would be one vulnerability I wouldn't want to see patched.
Keep up to date wi...Read more: Full article on www.pcgamer.com
What do you think about this?
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
When it comes to news about Microsoft Office, it's probably fair to say that it's usually about aspects that users have mixed feelings about, such as the addition of overbearing AI tools or changes to the interface, but two brief announcements from Redmond are likely to be welcomed by everyone. That's because they're about fixes for critical security vulnerabilities.
With the catchy codenames of CVE-2026-26110 and CVE-2026-26113, these issues potentially allow anyone with local access to Office to execute whatever code they like. Both have a common vulnerability and exposure rating of 8.4 and 7.3 for base and temporal scores, which puts them firmly in the 'critical' zone for severity.
The good news is that there are already patches from Microsoft to resolve the problems: just scroll down the relevant pages (use the links above) for the vulnerabilities until you see the list of Office versions. Note that the oldest one listed is 2016, as official support for anything before that one has ended (e.g. Office 2013 reached EOL in 2023).
It's also good news that any exploits that could take advantage of an unpatched copy of Office require local access, so you shouldn't have to worry about what some random person in a hoodie, sitting in a dark room staring at Matrix-like code on a laptop, will be able to do to your PC over the internet. Well, at least not through these vulnerabilities, at least.
Security issues are so commonplace these days, I can't imagine anyone even batting an eyelid at the above, and when it comes to Office in general, I suspect people are more likely to be concerned by Microsoft's seemingly random approach to progressing its productivity suite.
While the inclusion of Copilot doesn't bother me, as I can simply ignore it or even disable the option, other changes make me rue the day I purchased a 365 subscription. Take Outlook, for example. What used to be my de facto email client for countless years has been slowly turned into a clunky, confusing, feature-fudge mess of a program, and I only use it begrudgingly and sparingly now.
If some hacker ever decides to make an exploit that turns the current version of Outlook back to the app it used to be in its heyday, that would be one vulnerability I wouldn't want to see patched.
Keep up to date wi...Read more: Full article on www.pcgamer.com
What do you think about this?