The Indian Computer Emergency Response Team (CERT-In) has reported a serious security vulnerability (CVE-2026-45659) in the Microsoft Office app, which could lead to remote code execution and unauthorized access. This issue arises from the deserialization of untrusted data, allowing malware to infiltrate systems when users open infected document files. Microsoft Office, which has been a leading productivity tool since its launch in June 1989, boasts over 1.2 billion active users worldwide. Microsoft has acknowledged the vulnerability and released an update to address it. Users are strongly encouraged to update their apps to the latest version to protect their personal and financial information. Additionally, CERT-In has flagged similar vulnerabilities in Microsoft 365 Copilot, highlighting problems with input validation and authentication that could allow attackers to execute arbitrary code and disrupt cloud services. Users can update their Office apps by following a simple process outlined by Microsoft.