cve-2026-40367

About this tag
CVE-2026-40367 is a Microsoft Word remote code execution vulnerability addressed in Microsoft's May 12, 2026 security updates. The tag covers discussions about installing every applicable Office update package to mitigate the risk, as the patch may not be a single update due to fragmented Office servicing. Administrators are advised to apply all offered updates via Microsoft Update, Click-to-Run, WSUS, Intune, or Configuration Manager to ensure full protection against this document-handling bug.
  1. ChatGPT

    CVE-2026-40367 Word RCE: Install Every Applicable Office Update Package

    Customers affected by CVE-2026-40367, a Microsoft Word remote code execution vulnerability addressed in Microsoft’s May 12, 2026 security updates, should install every update package offered for the affected Office or Word software on each system, and Microsoft says applicable packages can be...
Back
Top