28.01.2026

CSO Online 27.01.2026 23:26
Microsoft is warning admins of an Office security bypass zero day vulnerability that can be triggered simply by a user opening a document. The flaw is currently being actively exploited.
“The vulnerability is serious,” said Johannes Ullrich, dean of research at the SANS Institute. “The root cause is that Microsoft Office still supports the older OLE document format, which provides access to various OLE components. The effect is similar to what an attacker could do with Office Macros. But Office Macros are typically blocked for documents downloaded from the internet. Microsoft implemented similar protections for OLE components, but this recent exploit found a way to bypass them.”

Infosecurity Magazine 27.01.2026 16:45
Critical sandbox escape vulnerability in Grist-Core enables remote code execution via a malicious formula

Heise Security 27.01.2026 11:13
Eine kritische Sicherheitslücke in telnetd der GNU InetUtils erheischt derzeit Aufmerksamkeit. Admins sollten patchen.

Infosecurity Magazine 27.01.2026 10:45
Microsoft urged customers running Microsoft Office 2016 and 2019 to apply the patch to be protected

Infosecurity Magazine 27.01.2026 09:45
Nike is investigating after the World Leaks ransomware group posted a 1.4TB data dump

Heise Security 27.01.2026 09:17
Das Framework Apache Hadoop ist verwundbar. Attacken können im Kontext des HDFS-Dateisystems geschehen. Ein Sicherheitspatch ist verfügbar.

Golem 27.01.2026 07:38
Eine gefährliche Sicherheitslücke betrifft alle gängigen Office-Versionen. Angesichts der aktiven Ausnutzung sollten Anwender zügig patchen. (Sicherheitslücke, Microsoft)