A remote code execution vulnerability (CVE-2026-44819) has been identified in Microsoft Office for Mac, allowing attackers to potentially execute arbitrary code on affected systems. Microsoft has released security updates to address the flaw, and only Mac users running affected Office software need to act. Users on other platforms are not impacted.

Security Architect’s Take: Ensure all macOS endpoints running Microsoft Office are patched immediately via your MDM or endpoint management tooling; prioritise any devices with access to cloud environments or sensitive data, and verify compliance through your endpoint detection inventory.

Original advisory: CVE-2026-44819 Microsoft Office Remote Code Execution Vulnerability