🟠High  | Source: Microsoft Security Response Center
CVE-2026-44817 is a remote code execution vulnerability in Microsoft Excel affecting Microsoft Office for Mac. An attacker exploiting this flaw could execute arbitrary code on a victim’s machine, potentially leading to full system compromise. Microsoft has released security updates and only Mac users running affected Office software need to act.
Security Architect’s Take: Ensure macOS endpoints across your organisation have the latest Microsoft Office for Mac updates deployed promptly — prioritise this via your MDM solution (e.g. Intune or Jamf) and verify compliance through your endpoint management tooling. Confirm that Windows and cloud-hosted Office users are unaffected and no additional action is required for those workloads.
Original advisory: CVE-2026-44817 Microsoft Excel Remote Code Execution Vulnerability