Campus Technology is reporting that hackers are exploiting a vulnerability in Microsoft Word that allows malware to be downloaded. The vulnerability is not associated with macros, as many in the past have been. The new exploit allows a the download of malicious HTML applications from a server which is disguised as a Rich Text document. A malicious script then is used to install malware.
McAfee was the first to report the discovery on Friday, April 7th. The cybersecurity company FireEye agreed with McAfee on the cause of the vulnerability.
For more information see:
Campus Technology: Hackers are Attacking Word Users with Microsoft Office Zero-Day Vulnerability
ZD Net: Hackers are attacking Word users with new Microsoft Office zero-day vulnerability
EducationDive: Microsoft Word is the latest frontier for hackers
Microsoft has released free Quick Start Guides for its Office 2016 product suite. The link for theWord guide is below.
WORD 2016 QUICK START GUIDE