home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   alt.comp.os.windows-10      Steaming pile of horseshit Windows 10      197,590 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 196,998 of 197,590   
   =?UTF-8?B?Li4ud8Khw7HCp8KxwqTDsSA=? to VanguardLH   
   Re: Microsoft Office Zero-Day (CVE-2026-   
   28 Jan 26 15:53:30   
   
   XPost: alt.comp.os.windows-11   
   From: winstonmvp@gmail.com   
      
   VanguardLH wrote on 1/28/2026 2:23 PM:   
      
   >>   
   >> You replied to my post, but snipped it's complete content.   
   >> Using the link in my post, can provide the information and answers to   
   >> what you asked.   
   >> - the KB # for 2016, CTR document for 2019 and later   
   >> - Versions supported are update-able and fixable, as in the past earlier   
   >> non-supported versions are not. Likewise, MSFT does not report   
   >> vulnerability to versions older than indicated in the CVE.   
   >> - applies to any malicious Office file => 'whatever' in your terminology   
   >>   
   >> i.e. if using 2003 or 2007 or 2010 or 2013 you are SOL.   
   >   
   > Not clear if updating Office 2021, what I have, got the necessary fixes,   
   > or if users are still expected to do the registry edits.  After   
   > updating, my Office 2021 reports it is at 2601 (build 19628.20150   
   > Click-to-Run).  It was at 2512 released on Jan 13 which is before the   
   > Jan 26 date cited for the CVE-2026-21509 patch.  Now I'm at 2601, but   
   > haven't found anything in that build description about CVE-2026-21509.   
      
   Afiak, 2021(perpetual Home, Home&Business all CTR), 2021 ProPlus(MSI or   
   CTR) and later including M365 editions(Personal, Family, Enterprise, Edu)   
   after updating to the the Jan 27 2026 version/build(2601, x.20150 or   
   applicable version/build when installed/available...at this time **Do not   
   have** the necessary registry keys noted in the CVE article manual   
   workaround(editing, adding keys in the registry).   
     -i.e. assume it has not been updated and still vulnerable is the safest   
   position until known otherwise....though it is possible, and the not the   
   first occurence that a vulnerability is/was removed with other underlying   
   code exclusive of the a need to change the registry.   
      
      
   --   
   ...w¡ñ§±¤ñ   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca