The National Information Technology Development Agency (NITDA) has issued a nationwide advisory warning individuals and organisations about a high-severity zero-day vulnerability affecting Microsoft Office products.
The agency said Microsoft has confirmed that the flaw, tracked as CVE-2026-21509, is already being actively exploited.
According to NITDA, the zero-day flaw allows attackers to bypass Object Linking and Embedding (OLE) security protections designed to prevent malicious code execution in Office applications.
The vulnerability:
- Has a CVSS score of 7.8 (high severity)
- Requires user interaction – specifically opening a specially crafted Office document
- Does not use the Preview Pane as an attack vector
NITDA warned that successful exploitation could enable attackers to:
- Execute malicious code
- Deliver malware
- Steal sensitive data
- Compromise systems
- Conduct lateral movement within organisations
The agency stressed that immediate action is strongly advised due to confirmed real-world exploitation.
Microsoft disclosed the flaw last month after detecting exploitation in the wild. Reports indicate that sophisticated threat actors, including Russia-linked groups such as APT28 (also known as Fancy Bear), quickly weaponised the vulnerability following its discovery.
The flaw has reportedly been used in targeted espionage campaigns across Europe and other regions.
Microsoft identified multiple Office versions as vulnerable, including:
- Office 2016 (32-bit and 64-bit)
- Office 2019 (32-bit and 64-bit)
- Microsoft 365 Apps
- Office 2021 and later versions
While Office 2021 and newer editions benefit from service-side mitigations, users must restart their applications for protections to activate.
NITDA advised:
- Immediate installation of the latest out-of-band security updates for Office 2016 and 2019
- Restarting Office 2021 and later applications to enable service-side protections
- Educating staff about the risks of opening unsolicited Office documents
- Implementing endpoint protection and advanced email filtering solutions
NITDA continues to issue advisories aimed at reducing IT risk exposure across Nigeria. The agency has previously warned users about vulnerabilities affecting digital platforms, messaging applications, and emerging technologies.
The latest alert underscores growing concerns about zero-day exploits and the need for proactive patch management and user awareness in Nigeria’s expanding digital ecosystem.

