Office-for-Mac on ZX Cloud Securityhttps://zxcloudsecurity.co.uk/tags/office-for-mac/Recent content in Office-for-Mac on ZX Cloud SecurityHugoen-GBThu, 19 Jun 2025 14:00:00 +0000CVE-2026-44818: Excel for Mac RCE Vulnerabilityhttps://zxcloudsecurity.co.uk/posts/cve-2026-44818-microsoft-excel-mac-remote-code-execution/Fri, 19 Jun 2026 14:00:00 +0000https://zxcloudsecurity.co.uk/posts/cve-2026-44818-microsoft-excel-mac-remote-code-execution/Microsoft patches CVE-2026-44818, a remote code execution flaw in Excel for Mac. Find out what's affected and how to protect your organisation.🟠 High  |  Source: Microsoft Security Response Center

A remote code execution vulnerability (CVE-2026-44818) has been identified in Microsoft Excel for Mac. An attacker who successfully exploits this flaw could execute arbitrary code on a victim’s machine, typically by convincing a user to open a malicious Excel file. Only users running Microsoft Office for Mac are affected; other Office platforms do not require action.

Security Architect’s Take: Ensure all macOS endpoints running Microsoft Office are patched immediately via the update released by Microsoft. If you manage a fleet of Macs through Intune or a third-party MDM solution, prioritise deploying this update and validate compliance reporting to confirm coverage before threat actors can weaponise a public proof-of-concept.

Original advisory: CVE-2026-44818 Microsoft Excel Remote Code Execution Vulnerability

]]>CVE-2026-44819: Microsoft Office for Mac RCE Vulnerabilityhttps://zxcloudsecurity.co.uk/posts/microsoft-office-mac-remote-code-execution-cve-2026-44819/Fri, 19 Jun 2026 14:00:00 +0000https://zxcloudsecurity.co.uk/posts/microsoft-office-mac-remote-code-execution-cve-2026-44819/Microsoft patches CVE-2026-44819, a remote code execution flaw in Office for Mac. Learn what's affected and the steps to protect your organisation.🟠 High  |  Source: Microsoft Security Response Center

A remote code execution vulnerability (CVE-2026-44819) has been identified in Microsoft Office for Mac, allowing attackers to potentially execute arbitrary code on affected systems. Microsoft has released security updates to address the flaw, and only Mac users running affected Office software need to act. Users on other platforms are not impacted.

Security Architect’s Take: Ensure all macOS endpoints running Microsoft Office are patched immediately via your MDM or endpoint management tooling; prioritise any devices with access to cloud environments or sensitive data, and verify compliance through your endpoint detection inventory.

Original advisory: CVE-2026-44819 Microsoft Office Remote Code Execution Vulnerability

]]>CVE-2026-45458: Microsoft Outlook & Word RCE Fixhttps://zxcloudsecurity.co.uk/posts/cve-2026-45458-microsoft-outlook-word-remote-code-execution-mac/Fri, 19 Jun 2026 14:00:00 +0000https://zxcloudsecurity.co.uk/posts/cve-2026-45458-microsoft-outlook-word-remote-code-execution-mac/Microsoft patches CVE-2026-45458, a remote code execution flaw in Outlook and Word for Mac. Mac users should update immediately to stay protected.🟠 High  |  Source: Microsoft Security Response Center

A remote code execution vulnerability (CVE-2026-45458) has been identified in Microsoft Outlook and Word for Mac. Microsoft has released security updates to address the flaw, and Mac users running affected versions of these Office applications should apply the patch immediately. Users on other platforms are not affected and no further action is required from them.

Security Architect’s Take: Ensure any Mac endpoints in your organisation running Microsoft Outlook or Word are updated promptly via your MDM solution or patch management tooling — prioritise devices with access to sensitive cloud environments or corporate email, as RCE vulnerabilities in mail and document clients present a significant initial-access risk.

Original advisory: CVE-2026-45458 Microsoft Outlook and Word Remote Code Execution Vulnerability

]]>