Microsoft released yesterday its monthly Patch Tuesday updates for all supported versions of Windows, and among the 45 unique vulnerabilities that have been addressed it's worth mentioning a critical fix for Office (via PC World). Indeed, the The CVE-2017-0199 vulnerability could allow arbitrary code to run when a maliciously modified file is opened in all versions of Office (from 2007 to 2016), and PC World notes that this security flaw has been actively exploited by attackers over the past few weeks.
This latest Patch Tuesday was also significant as the now ten-years old Windows Vista, which is now completely unsupported, received 18 last security updates. One of them (CVE-2017-0158) was a actually a fix for a critical remote code execution vulnerability, and going forward these kind of security issues will no longer be fixed. In other words, it's really time to move on if you're still running this old OS on your PC!Further reading: Microsoft, Office, Patch Tuesday, Security, Windows Vista