The recent run of publicized vulnerabilities in Microsoft Office
and subsequent threats from malicious documents demonstrate that
attackers are automating their hunt for exploits and turning toward
targeting people, not systems, a security researcher said Monday.
The three months of Office vulnerabilities -- which started in May with Word, then spread in June and July to Excel and PowerPoint,
respectively -- demonstrate a shift in tactics, said Alfred Huger,
senior director of engineering with Symantec's security response group.