Microsoft warned about a zero-day vulnerability in Microsoft Word that is being actively exploited in targeted attacks and discovered by the Google security team. “At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010…” company said.
According to Microsoft's security advisory, Microsoft Word is vulnerable to a remote code execution vulnerability (CVE-2014-1761)