"…Microsoft Excel files are being used to exploit a zero-day (previously unknown/unpatched) vulnerability and plant keystroke loggers on select (.gov?) networks…bugs in Microsoft Office applications emerged over the last year as standard weapons for criminals conducting corporate espionage and computer attacks against military targets. Last summer, Microsoft’s Office team struggled to keep pace with flaw discoveries and, after a brief lull, it looks like we’ll see much of the same this year.
If you have valuable information on machines with Microsoft Office installed, you might want to consider these important mitigation strategies to avoid finding a rootkit in a sensitive part of your network a few months from now." – Content courtesy of Browsers – How to Minimize Risk from Zero-Day Attacks – Ryan Naraine’s Security Watch