Severity: High to Critical
Summary
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six Microsoft Windows and Office vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation. These vulnerabilities may allow attackers to bypass security protections, execute arbitrary code, escalate privileges, or cause system instability.
Affected Products
Impacted Microsoft products may include:
- Microsoft Windows (multiple supported versions)
- Microsoft Office (including Microsoft Word)
- Microsoft MSHTML Framework components
- Windows Remote Desktop Services (RDS)
Risk depends on system version, patch level, and exposure.
Vulnerability Overview
- CVE-2026-21510 – Microsoft Windows Shell Protection Mechanism Failure Vulnerability
- CVE-2026-21513 – Microsoft MSHTML Framework Security Feature Bypass Vulnerability
- CVE-2026-21514 – Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability
- CVE-2026-21519 – Microsoft Windows Type Confusion Vulnerability
- CVE-2026-21525 – Microsoft Windows NULL Pointer Dereference Vulnerability
- CVE-2026-21533 – Windows Remote Desktop Services Elevation of Privilege Vulnerability
These vulnerabilities collectively present risks including remote code execution, security feature bypass, privilege escalation, denial of service, and unauthorized access to sensitive systems.
Observed Activity
According to CISA, these vulnerabilities are being actively exploited in the wild. Associated activity includes:
- Security feature bypass leading to unauthorized code execution
- Privilege escalation within Windows environments
- Potential exploitation through malicious documents or web content
- Abuse of Remote Desktop Services for elevated access
Recommended Actions
We strongly recommend the following immediate steps:
- Apply the latest Microsoft security updates addressing all listed CVEs.
- Prioritize remediation in accordance with CISA KEV catalog guidance.
- Review systems for indicators of compromise.
- Restrict administrative privileges and enforce least-privilege principles.
- Ensure endpoint detection and monitoring solutions are active and updated.
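One way to act on the KEV prioritization step above, as an added example (not DataComm, Microsoft or CISA code): it joins a vulnerability-scanner export with KEV due dates so open findings are worked in due-date order. The feed excerpt, due dates, host names and function names are constructed for illustration; only the `cveID` and `dueDate` field names and the six CVE IDs come from CISA's feed format and this advisory.

```python
import json
from datetime import date

# CVE IDs taken from this advisory.
ADVISORY_CVES = {
    "CVE-2026-21510", "CVE-2026-21513", "CVE-2026-21514",
    "CVE-2026-21519", "CVE-2026-21525", "CVE-2026-21533",
}

# Constructed KEV feed excerpt. Field names match CISA's JSON feed;
# the dueDate values are placeholders, not the real catalog dates.
SAMPLE_FEED = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2026-21510", "dueDate": "2026-03-03"},
    {"cveID": "CVE-2026-21513", "dueDate": "2026-03-03"},
    {"cveID": "CVE-2026-21533", "dueDate": "2026-03-10"},
    {"cveID": "CVE-0000-00000", "dueDate": "2026-01-01"},  # unrelated entry
]})

# Constructed scanner export: host -> advisory CVEs still unpatched on it.
SAMPLE_FINDINGS = {
    "ws-014": ["CVE-2026-21510", "CVE-2026-21514"],
    "rds-02": ["CVE-2026-21533"],
    "ws-101": [],
}

def kev_due_dates(feed_json, wanted):
    """Map each wanted CVE present in the feed to its KEV due date."""
    entries = json.loads(feed_json).get("vulnerabilities", [])
    return {e["cveID"]: date.fromisoformat(e["dueDate"])
            for e in entries if e.get("cveID") in wanted and e.get("dueDate")}

def remediation_queue(findings, due, today):
    """Return (queue, unmatched): open findings ordered by KEV due date,
    plus findings whose CVE is missing from this copy of the feed."""
    queue, unmatched = [], []
    for host, cves in findings.items():
        for cve in cves:
            if cve in due:
                overdue = (due[cve] - today).days < 0
                queue.append((due[cve], host, cve, overdue))
            else:
                unmatched.append((host, cve))  # stale feed copy: refresh it
    return sorted(queue), sorted(unmatched)

if __name__ == "__main__":
    due = kev_due_dates(SAMPLE_FEED, ADVISORY_CVES)
    queue, unmatched = remediation_queue(SAMPLE_FINDINGS, due, date(2026, 3, 5))
    for due_date, host, cve, overdue in queue:
        print(due_date, host, cve, "OVERDUE" if overdue else "open")
    for host, cve in unmatched:
        print("not in feed copy:", host, cve)
```

Findings reported as missing from the feed copy should trigger a refresh of the local KEV download rather than being treated as lower priority.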
Our Status
DataComm is actively reviewing affected systems and validating patch levels in accordance with Microsoft and CISA guidance. Customers requiring assistance are encouraged to contact our support team.
Support
Email: support@www-prod.datacomm.com
Phone: (877) 544-3655