What happened?
On 10 March 2026, Microsoft released its monthly security update bundle, which addressed more than 80 Common Vulnerabilities and Exposures (CVEs). One of the most significant was CVE‑2026‑26144.
Microsoft classifies the flaw as a cross-site scripting (XSS) vulnerability in Microsoft Office Excel. In simple terms, an attacker can embed malicious code — such as a hidden script — within an Excel file. When that file is processed, the code executes without the user needing to click or interact with it, making it a “zero‑click” attack.
The risk is amplified by AI tools such as Microsoft Copilot. Copilot is designed to automatically access, index and summarise documents stored across a user’s network — including Excel files. If Copilot processes a malicious Excel file (for example, through a preview pane or an automated search), it can unknowingly trigger the embedded script. Once triggered, the script can use Copilot's own network permissions to extract sensitive data and send it to an attacker-controlled server — all without the user ever opening the file themselves.
Regarding CVE‑2026‑26144, Microsoft’s Exploitability Index currently rates active exploitation as unlikely, and there is no evidence of public disclosure or active abuse at the time of release.
So what?
This patch highlights a new avenue for attackers: not only inserting malicious code into a document but enabling that code to be executed through AI tools such as Microsoft Copilot.
AI tools such as Copilot are designed to improve efficiency and are widely adopted across organisations to search, collate and summarise information, particularly document content. Because these interactions can occur without visible user action, they can be hijacked by attackers to perform operations that would normally require a user to manually open a document.
Previously, exploiting a malicious document would typically require a user to locate and open it manually. Copilot, however, has broad permissions that allow it to access and process document contents across a network automatically, including through features such as the document preview pane.
This means Copilot could be manipulated into using its legitimate network access to fetch or transmit content on an attacker’s behalf, effectively acting as a proxy for data exfiltration.
This vulnerability highlights the importance of conducting proper due diligence before granting broad permissions to any application, whether built‑in or third‑party. It also reinforces the need to monitor and apply security patches promptly.
The use of AI tools for data exploitation is not new — as seen in incidents such as EchoLeak — and similar techniques are likely to become more common.
What should I do?
Address this vulnerability by updating Microsoft Excel to the latest version available.
As a precaution, temporarily disable or restrict Copilot’s preview features and prioritise checks within higher-risk departments such as HR, Finance and Legal.
Where possible, reduce privileges for all AI-based tools and limit their access to restricted or sensitive documents and emails.
Monitor for unusual Microsoft Office-related network activity and flag any new or irregular processes for investigation.
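To make the monitoring step concrete, here is an added example (not part of the advisory, and not Microsoft's tooling) that runs simple detection logic over constructed endpoint log lines: it flags Office processes connecting to hosts outside an assumed allowlist and Office applications spawning script or shell interpreters. The key=value log format, the allowlist suffixes and every hostname and address are assumptions made for illustration.

```python
# Added example (not from the advisory): simple detection logic for the monitoring
# step above. Log format, allowlist and hostnames are constructed assumptions.
import re

OFFICE = {"excel.exe", "winword.exe", "powerpnt.exe", "outlook.exe"}
# Assumed allowlist of destination suffixes Office apps normally reach (placeholder).
ALLOWED_SUFFIXES = (".microsoft.com", ".office.com", ".office365.com", ".sharepoint.com")
# Interpreters an Office application is not expected to launch.
UNEXPECTED_CHILDREN = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
_KV = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_line(line):
    """Parse one 'key=value key2="quoted value"' log line into a dict."""
    return {k: v.strip('"') for k, v in _KV.findall(line)}

def allowed_host(host):
    host = host.lower()
    return any(host == s.lstrip(".") or host.endswith(s) for s in ALLOWED_SUFFIXES)

def check_event(ev):
    """Return an alert string for one parsed event, or None if it looks benign."""
    proc, kind = ev.get("process", "").lower(), ev.get("type")
    if kind == "netconn" and proc in OFFICE:
        host = ev.get("dest_host", "")
        if not host or not allowed_host(host):  # no name resolved, or not on the allowlist
            return f"{proc} connected to unlisted destination {host or ev.get('dest_ip')}"
    if kind == "procstart" and ev.get("parent", "").lower() in OFFICE and proc in UNEXPECTED_CHILDREN:
        return f"{ev['parent'].lower()} spawned {proc}"
    return None

def detect(lines):
    """Run check_event over raw log lines; return (timestamp, alert) pairs."""
    events = [parse_line(line) for line in lines]
    return [(ev.get("ts"), alert) for ev in events if (alert := check_event(ev))]

SAMPLE_LOG = [  # constructed sample events, not real telemetry
    "ts=2026-03-11T09:00:01Z type=netconn process=EXCEL.EXE dest_host=login.microsoft.com dest_ip=198.51.100.10 port=443",
    "ts=2026-03-11T09:00:07Z type=netconn process=EXCEL.EXE dest_host=files.example.invalid dest_ip=203.0.113.7 port=443",
    "ts=2026-03-11T09:00:09Z type=procstart parent=EXCEL.EXE process=powershell.exe",
    "ts=2026-03-11T09:00:12Z type=procstart parent=explorer.exe process=cmd.exe",
    "ts=2026-03-11T09:00:15Z type=netconn process=EXCEL.EXE dest_ip=203.0.113.9 port=443",
]

if __name__ == "__main__":
    for ts, msg in detect(SAMPLE_LOG):
        print(ts, msg)
```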