Since there is no official patch for the alleged vulnerability, a workaround is to block embedded video files or take other defenses to prevent dubious documents from affecting systems and networks.
The potential vulnerability was reported by security vendor Cymulate. The problem is how Microsoft Office 2016 and earlier versions handle video files built into Word .docx documents. If there are no security measures, the video footage opens a door for remote code execution.
Currently I no idea how critical the vulnerability is and under which constellations it works. Details can be found at Cymulate (but a security solutions is advertised immediately via chat) and at The Register.
Cookies helps to fund this blog: Cookie settings