Critical Excel+Copilot Flaw — Patch Now | March 2026
A zero-click Excel+Copilot vulnerability enables data exfiltration without user interaction — patch immediately. March 2026 Patch Tuesday delivers 83 fixes including 8 critical and 2 publicly disclosed zero-days. Plus: SharePoint's new experience is rolling out, Teams gets a cleaner interface, and 31 new SharePoint templates are live.
📋 TL;DR — What You Need to Know
- 🔴 CVE-2026-26144: Zero-click Excel+Copilot vulnerability enables silent data exfiltration — patch NOW
- 🔴 Patch Tuesday: 83 vulnerabilities fixed, 8 critical, 2 publicly disclosed zero-days
- 🟡 New SharePoint experience — Major UX refresh rolling out globally since March 10
- 🟡 Teams simplified app bar — Cleaner workspace arriving mid-March
- ⏰ Defender for Android 10 — Support ends March 31
🚨 CVE-2026-26144: Excel + Copilot Zero-Click Data Exfiltration
A critical XSS vulnerability in Excel combines with indirect prompt injection to weaponize Copilot Agent for unauthorized data exfiltration. This is a zero-click attack — no user interaction required.
How The Attack Works:
- Malicious payloads embedded in Excel files exploit the XSS flaw
- Copilot's access is leveraged to extract sensitive data silently
- No user clicks, no prompts — happens in the background
🚨 March 2026 Patch Tuesday: 83 Vulnerabilities Patched
Microsoft's monthly security release addresses a significant batch:
| Category | Count |
|---|---|
| Total vulnerabilities | 83 |
| Critical severity | 8 |
| Publicly disclosed zero-days | 2 (not yet actively exploited) |
| PrintNightmare-like fix | Print queue vulnerability included |
🟠 New SharePoint Experience Now Rolling Out
Microsoft began deploying a "completely reimagined" SharePoint experience on March 10th. The refresh includes:
- Smarter collaboration tools
- Faster navigation
- More intuitive design
Rollout is progressive — expect it to hit your tenants over the coming weeks.
🟠 Teams Simplified App Bar (Mid-March)
A cleaner Teams workspace is coming with reduced visual clutter:
- Less-used apps move to a "View more apps" menu
- Users can optionally hide the bar entirely
- Good UX improvement for those overwhelmed by sidebar bloat
🟠 31 New SharePoint Page Templates
The new template gallery brings improved browsing, filtering, and search. Templates cover:
- Announcements
- Storytelling
- Video layouts
- News pages
The gallery now opens automatically when creating new pages.
🟢 AI Skill Inferencing Expands to E3/E5
Microsoft is extending AI-powered skill inferencing to E3 and E5 users. User profiles will stay more accurate and current automatically — helpful for organizations leveraging skills-based search and recommendations.
⚡ Quick Hits
| What | When | Impact |
|---|---|---|
| Defender Android 10 support ends | March 31 | No updates or support post-deadline |
| Teams Meeting Notes (Loop-powered) | April | Instant meeting notes sync to Planner/To Do |
| Copilot Pages → SharePoint News | May | Publish Copilot content as SharePoint News |
| SharePoint Featured Links retiring | June 2026 | Low-usage feature being removed |
| Teams recording expiration emails retire | June 1 | Reminder emails stop; policies unchanged |
✅ Admin Action Items
- [URGENT] Deploy March 2026 Patch Tuesday updates — prioritize Copilot-enabled environments for CVE-2026-26144
- [THIS WEEK] Review Defender policies for Android 10 devices — before March 31 deadline
- [AWARENESS] Prepare users for the new SharePoint experience — rolling out now
- [PLANNING] Evaluate Teams simplified app bar impact — on user workflows
🗓️ Upcoming Deadlines
| Date | Event |
|---|---|
| March 31 | Defender Android 10 EOL |
| April 1 | MFA enforcement + grace period removal deadline |
| June 1 | Teams recording expiration emails retire |
| June 2026 | SharePoint Featured Links fully removed |
🔥 The Bottom Line
Stop reading and start patching. CVE-2026-26144 is the kind of vulnerability that keeps security teams up at night — zero-click, silent data exfiltration through Copilot. If your organization uses Copilot (and who isn't these days?), this should be your top priority this week.
The SharePoint refresh and Teams changes are welcome UX improvements, but don't let shiny new features distract from the security fundamentals. Patch first, then enjoy the new templates.
Stay patched, stay sharp. 🔥
Questions about these updates?
Fireside Cloud Solutions can help you audit your patching strategy, review Copilot security policies, and plan your SharePoint transition.
Schedule a Free Consultation →That's the Pulse for this week. Questions? Reply to this newsletter or reach out to your Fireside Cloud Solutions contact.