Microsoft has warned users to be vigilant after the discovery of a series of attacks on Office.
The attacks use specially crafted Word files to target a vulnerability in Microsoft's Jet DB, a database component used in the productivity suite.
The company issued an advisory outlining the attacks, which were classified as "very limited" and aimed at specific targets.
McAfee researcher Craig Schmugar suggested in a blog posting that the attacks could indicate a shift in strategy.
Attackers have typically exploited Microsoft Jet DB vulnerabilities through MDB files, and Microsoft has always stuck to its MDB files are unsafe story, wrote Schmugar. "Well that has changed," he added.
Microsoft said that Windows Vista and the recent Service Pack 1 upgrade are not vulnerable to the buffer overflow used in the attack. The Service Pack 2 version of Office 2003 is also immune.
The company is investigating the attacks, and has not yet decided whether to patch the flaw immediately or wait until next month's scheduled security update. Microsoft has advised users not to open files from untrusted sources.
The vulnerability allows an attacker to access the system with the rights of the current user, and Microsoft said that administrators can minimise this risk by putting controls on non-administrator accounts.
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally