A security vulnerability in Microsoft Office for Mac (CVE-2026-45485) allows information disclosure, potentially exposing sensitive data to attackers. Microsoft has released security updates to address the flaw, and only users running the affected Mac version of Office need to act. Users of other Microsoft Office platforms are not affected.

Security Architect’s Take: Ensure macOS endpoints running Microsoft Office are patched promptly via your MDM or patch management tooling — verify compliance particularly for devices accessing cloud-hosted data in Microsoft 365 or Azure environments. No action is required for Windows or web-based Office deployments.

Original advisory: CVE-2026-45485 Microsoft Office Information Disclosure Vulnerability