A few days ago McAfee shared some details of a new Word vulnerability that they discovered by analyzing some samples. This is a 0-day, that is, a flaw that can be exploited even with all the security patches installed.
It affects all versions of Office, including 2016.
The first attacks were detected in late January, with an exploit embedded in an RTF file with a .doc extension. Once this document was opened, malware was installed behind the scenes without the victim noticing.
According to the security company Proofpoint, one of the Trojans distributed on a massive scale with this technique was the banking Trojan Dridex.
As general advice, caution is recommended when opening attachments that arrive unexpectedly or from untrusted sources (whether .doc, .pdf or any other extension). In addition, according to tests carried out by specialists, when Office Protected View is enabled (available as of version 2010), the exploit cannot run until editing is enabled for the document, an option that should only be used if the file comes from a trusted source.
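The samples described above were RTF files delivered under a .doc name, so one triage check for incoming attachments is to compare each file's extension with what its first bytes say it is. The following Python sketch is an added example, not code from McAfee, Proofpoint or Microsoft; the function names and the sample files are constructed for illustration, and the RTF header match is deliberately loose.

```python
import os
import tempfile

# Leading bytes of the formats Word opens.
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy binary .doc
ZIP_MAGIC = b"PK\x03\x04"                       # OOXML container (.docx, .docm)
RTF_PREFIX = b"{\\rt"                           # loose match for "{\rtf1"
# Content type each extension is expected to hold.
EXPECTED = {".doc": "ole2", ".docx": "zip", ".docm": "zip", ".rtf": "rtf"}


def sniff(path):
    """Classify a file by its first bytes, ignoring its name."""
    with open(path, "rb") as fh:
        head = fh.read(64)
    if head.lstrip().startswith(RTF_PREFIX):
        return "rtf"
    if head.startswith(OLE2_MAGIC):
        return "ole2"
    return "zip" if head.startswith(ZIP_MAGIC) else "unknown"


def find_mismatches(paths):
    """Return (file name, expected type, actual type) for each mismatch."""
    findings = []
    for path in paths:
        expected = EXPECTED.get(os.path.splitext(path)[1].lower())
        if expected and sniff(path) != expected:
            findings.append((os.path.basename(path), expected, sniff(path)))
    return findings


def demo():
    """Run the check over constructed sample files (not real documents)."""
    samples = {
        "invoice.doc": b"{\\rtf1\\ansi constructed sample}",  # RTF named .doc
        "report.doc": OLE2_MAGIC + b"\x00" * 32,               # legacy layout
        "notes.rtf": b"{\\rtf1 constructed sample}",           # honest RTF
        "memo.docx": ZIP_MAGIC + b"\x00" * 32,                 # honest OOXML
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            with open(os.path.join(tmp, name), "wb") as fh:
                fh.write(data)
        return find_mismatches(os.path.join(tmp, n) for n in samples)


if __name__ == "__main__":
    for name, expected, actual in demo():
        print(f"{name}: extension implies {expected}, content is {actual}")
```

A mismatch is a reason to inspect the attachment more closely before opening it, not proof that it is malicious, since RTF saved under a .doc name also occurs in legitimate documents.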
Microsoft is expected to release a security patch to fix this vulnerability on Tuesday, April 11, so we recommend installing it as soon as it is available.
Update: The security patch is now available, more information here.