You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-40367
About this tag
CVE-2026-40367 is a Microsoft Word remote code execution vulnerability addressed in Microsoft's May 12, 2026 security updates. The tag covers discussions about installing every applicable Office update package to mitigate the risk, as the patch may not be a single update due to fragmented Office servicing. Administrators are advised to apply all offered updates via Microsoft Update, Click-to-Run, WSUS, Intune, or Configuration Manager to ensure full protection against this document-handling bug.
Customers affected by CVE-2026-40367, a Microsoft Word remote code execution vulnerability addressed in Microsoft’s May 12, 2026 security updates, should install every update package offered for the affected Office or Word software on each system, and Microsoft says applicable packages can be...