F-Secure shares an interesting development on how the bad guys are timing exploits to surface right after patch Tuesday.   Thankfully, the unpatched Office vulnerabilities have been rare in the wild.  Users should continue keep up-to-date on AV protection plus exercise caution when they receive any email with Office related attachments. 

Exploit Wednesday -- the day after Patch Tuesday
http://www.f-secure.com/weblog/archives/archive-072006.html#00000922

QUOTE: The bad guys are taking advantage of three things:

1. The first is the patch cycle itself. These new exploits are being released after the second Tuesday of each month to maximize its lifespan.

2. The second is the common day-to-day routine of receiving Office files. There haven't been any new macro viruses to speak of for some time and so Office files (doc/xml/ppt) easily pass through corporate firewalls and people don't think twice about clicking on them. This avenue of attack is currently under the radar and is not perceived as a danger by end users.

3. And the third advantage is that the companies exploited don't want to talk about it. They dread the negative publicity as a victim of espionage. That's why the public doesn't know the name of last month's Excel exploit victim. Such hush-hush may be keeping some of these exploits from being reported.