How to protect yourself against this attack?
Since the attack works on fully patched systems, users are highly advised to follow the recommendations below to mitigate such attacks:
- Do not open or download any suspicious Word files that arrive in an e-mail, even if you know the sender until Microsoft releases a patch.
- Since the attack does not work when a malicious document is viewed in Office Protected View mode, users are advised to enable this feature to view any Office documents.
- Always keep your system and antivirus up-to-date.
- Regularly backup your files in an external hard-drive.
- Disabling Macros does not offer any protection, yet users are advised to do so in an attempt to protect themselves against other attacks.
- Always beware of phishing emails, spams, and clicking the malicious attachment.
Read more at: https://securingtomorrow.mcafee.com/mcafee-labs/critical-office-zero-day-attacks-detected-wild/