The Internet Security Report released recently by WatchGuard Technologies found that hackers are increasingly using Microsoft Office documents as carriers for malware.
Cybercriminals use phishing emails to tricking employees into downloading and opening the attached infected Microsoft Office document. This allows cybercriminals to deliver malicious payloads in enterprise systems.
Three types of attacks that take advantage of Microsoft Office vulnerabilities made it into the report's top ten malware attack types for the first time in 2017, including "macro-less malware," or Dynamic Data Exchange (DDE), attacks.
The report also found an increase in zero-day malware attacks in the fourth quarter of 2017. "Malware attacks leveraging MS Word documents grew by 33% in Q4" www.scmagazineuk.com (Mar. 29, 2018).