Zero-day exploits target undisclosed or recently discovered vulnerabilities which have yet to be patched.
The attacks are often not detected by security software, and can be much more effective in compromising systems and installing malware.
The Sans Institute reported a threefold increase in the number of attacks targeting Microsoft Office in 2006.
The organisation spotted 45 vulnerabilities in Office classified as either 'serious' or 'critical', nine of which were also reported as active zero-day exploits.
Excel and PowerPoint experienced sharp increases in the number of reported vulnerabilities.
Sans attributed this in part to the prevalence of Office and the fact that the suite does not have as much security protection as programs such as web browsers.
The report also pointed to a rise in attacks against two emerging technologies: VoIP and web-based applications.
- New IE7 bug exposes users to content injection
- Microsoft plugs seven 'critical' security holes
- Microsoft rolls out corporate client security beta
- Microsoft pushes out Office Live
- Web application security brought into focus
Found by calculating the strength of the material deep inside the crust of neutron stars
Can highlight in real-time the relevant regions of an image being described
Double legal trouble for Musk as he also faces civil lawsuit over renewed British pot-holer 'paedo' claims
Battery development could help boost performance of smartphones