// Alert

Microsoft 365 threat report

Microsoft disclosed CVE-2026-45472, a critical remote code execution vulnerability in Office for Mac (including Microsoft 365 for Mac, Office LTSC 2021, and 2024) with no patch available as of June 9, 2026. The vulnerability allows attackers to execute arbitrary code via malicious Office files that can be triggered through Finder Quick Look preview without opening the file. A proof-of-concept exploit and active exploitation attempts have been observed in the wild.

// Get alerts for Microsoft 365