Excel

🟠 High | Source: Microsoft Security Response Center A remote code execution vulnerability (CVE-2026-44820) has been identified in Microsoft Excel for Mac. An attacker exploiting this flaw could execute arbitrary code on an affected machine, potentially leading to full system compromise. Microsoft has released a security update and Mac users running affected versions of Microsoft Office should apply the patch immediately. Security Architect’s Take: Ensure endpoint management policies enforce prompt installation of the latest Microsoft Office for Mac updates across your organisation — verify compliance via Intune or your MDM solution. If your environment includes Mac-based developer or analyst workstations with access to cloud environments, treat this as elevated priority given the potential for lateral movement post-exploitation. ...

🟠 High | Source: Microsoft Security Response Center A remote code execution vulnerability (CVE-2026-44823) has been identified in Microsoft Excel for Mac. An attacker exploiting this flaw could execute arbitrary code on an affected system, potentially gaining full control. Only users running Microsoft Office on macOS are affected; other Office platforms do not require action. Security Architect’s Take: Ensure all macOS endpoints in your organisation running Microsoft Office are patched immediately via your MDM or patch management tooling. Verify compliance through your endpoint management platform and confirm no exemptions exist for privileged users or developer machines running Office for Mac. ...

🟠 High | Source: Microsoft Security Response Center A remote code execution vulnerability (CVE-2026-45469) has been identified in Microsoft Excel for Mac. An attacker exploiting this flaw could execute arbitrary code on an affected system, potentially gaining full control. Only users running Microsoft Office on macOS are affected; other platforms do not require action. Security Architect’s Take: Ensure macOS endpoints running Microsoft Office are patched immediately via the update referenced in the release notes. If you manage a fleet of Mac devices through MDM (e.g. Jamf or Intune), prioritise deploying this update and confirm compliance before end of the current patching cycle. ...