Microsoft Security Advisory on Office software
Microsoft Security Advisory (953635)
Vulnerability in Microsoft Word Could Allow Remote Code Execution
Microsoft is investigating new public reports of a possible vulnerability in Microsoft Office Word 2002 Service Pack 3. Our initial investigation indicates that customers who use all other supported versions of Microsoft Office Word, Microsoft Office Word Viewer, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, and Microsoft Office for Mac are not affected.
More info and work-around at http://www.microsoft.com/technet/security/advisory/953635.mspx