Microsoft’s May 2017 Patch Tuesday included fixes for three zero-days that were used by cyber-espionage groups operating out of Russia. The first of these, CVE-2017-0261, affects the Office suite and allows attackers to execute code on victims’ machines via a vulnerability in the Office EPS (Encapsulated PostScript) feature. Microsoft knew of this issue since March but wasn’t able to deliver a patch at the time. The company turned off the filter in Office, which prevented the bug from being exploited in up-to-date systems.
Source: https://www.bleepingcomputer.com/news/security/3-of-4-zero-days-microsoft-patched-yesterday-were-used-by-russian-cyberspies/