HANDS ON SharePoint
HANDS ON Teams
HANDS ON Lists
HANDS ON tek
M365 Admin
An updated version of the January 2026 Scan Cab is available
IMPORTANT: This notice is only relevant for environments where:
- Microsoft Office is used
- Scan Cab is used to check for update compliance
- The January 2026 Scan Cab was deployed before 2:30 PM PT on January 27, 2026.
An updated version of the January 2026 Scan Cab was made available at 2:30 PM PT on January 27, 2026. This Scan Cab includes new metadata corresponding to new updates for Microsoft Office 2016.
The new security updates for Microsoft Office released January 26, 2026, included additional protections to address CVE-2026-21509. Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally. See the additional information section of this message for details.
How this affects your organization:
IT administrators who downloaded the Scan Cab before 2:30 PM PT on January 27, 2026, should re-acquire and re-deploy it if the Scan Cab is used to assess updates for environments where Microsoft Office is used.
No action is required on environments where Scan Cab is not employed and do not have Microsoft Office installed. However, please note that there might be non-Microsoft applications that utilize Scan Cab. Review the documentation for any software and update deployment tools that might be in use for your organization, to understand if this is applicable in your environment.
What you need to do to prepare:
Administrators can download the updated Scan Cab here. Visit CVE-2026-21509 to find download links, release notes, and appropriate action for affected versions of Microsoft Office. For detailed guidance, see the Additional information section below.
Additional information:
- Updated Scan Cab: Download the new Scan Cab here
- CVE-2026-21509: Microsoft Office Security Feature Bypass Vulnerability
- Security Update for Microsoft Office 2016 (KB5002713)
- Announcing a smaller WSUS Scan Cab – Microsoft Tech Community: Learn more about WSUS and the Scan Cab process
- Using WUA to Scan for Updates Offline – Win32 apps | Microsoft Docs: Windows Update Agent (WUA) can be used to scan computers for security updates without …
Message ID: MC1223281
