Zero-day exploits target undisclosed or recently discovered vulnerabilities which have yet to be patched.
The attacks are often not detected by security software, and can be much more effective in compromising systems and installing malware.
The Sans Institute reported a threefold increase in the number of attacks targeting Microsoft Office in 2006.
The organisation spotted 45 vulnerabilities in Office classified as either 'serious' or 'critical', nine of which were also reported as active zero-day exploits.
Excel and PowerPoint experienced sharp increases in the number of reported vulnerabilities.
Sans attributed this in part to the prevalence of Office and the fact that the suite does not have as much security protection as programs such as web browsers.
The report also pointed to a rise in attacks against two emerging technologies: VoIP and web-based applications.
- New IE7 bug exposes users to content injection
- Microsoft plugs seven 'critical' security holes
- Microsoft rolls out corporate client security beta
- Microsoft pushes out Office Live
- Web application security brought into focus
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago