Microsoft announces that Office has two critical security vulnerabilities, and here's where you can find patches to fix them

When it comes to news about Microsoft Office, it's probably fair to say that it's usually about aspects that users have mixed feelings about, such as the addition of overbearing AI tools or changes to the interface, but two brief announcements from Redmond are likely to be welcomed by everyone. That's because they're about fixes for critical security vulnerabilities.With the catchy codenames of CVE-2026-26110 and CVE-2026-26113, these issues potentially allow anyone with local access to Office to execute whatever code they like.