Microsoft on Dec. 5 warned that an unpatched vulnerability in its Word software program is being used in targeted, zero-day attacks.
A security advisory from the Redmond, Wash., company said the flaw can be exploited if a user simply opens a rigged Word document.
There are no pre-patch workarounds available. Microsoft suggests that users "not open or save Word files," even from trusted sources. "As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources," the company said.