A remote code execution vulnerability (CVE-2026-45472) has been identified in Microsoft Office for Android, allowing an attacker to potentially execute arbitrary code on a user’s device. Microsoft has released a security update to address the flaw, and users running affected versions should apply the patch immediately. While this affects a mobile application rather than a cloud service directly, compromised devices accessing corporate cloud resources pose a significant risk to enterprise environments.

Security Architect’s Take: Ensure mobile device management (MDM) policies enforce automatic updates for Microsoft Office on Android across your organisation’s managed device fleet, and consider temporarily restricting access to sensitive cloud resources from unpatched Android devices using conditional access policies in Entra ID until compliance is confirmed.

Original advisory: CVE-2026-45472 Microsoft Office Remote Code Execution Vulnerability