Several days ago security researchers detected exploitation of a “zero day” vulnerability in Microsoft Office files - e.g. Word and Excel. (The term zero day means that the vendor has had no time to implement a fix.) The bug is spread through malicious code within Office documents, often attached to emails. This method of delivery is fairly common, but this new vulnerability makes it even easier for an infected document to grant an attacker access to your system. To keep yourself safe, never open email attachments from unknown senders or even known senders that don’t appear to be writing as themselves. A patch from Microsoft is expected soon, so regularly reboot your computer to be sure patches can be fully applied. You can read all the geeky details in this writeup from the cybersecurity research team that reported the vulnerability.
