Attackers are using a zero day vulnerability in nearly all supported versions of Windows in a series of targeted attacks. The flaw is in the OLE technology in Windows and can be used for remote code execution is a targeted user opens a rigged Office file. Microsoft is warning customers that there is no patch available for this new vulnerability. The company has issued a FixIt tool that mitigates the known attacks on the vulnerability, but is still looking into whether a full patch will be necessary. The attacks that have been seen so far are using malicious PowerPoint files to exploit the vulnerability.
Source: https://threatpost.com/attackers-exploiting-windows-ole-zero-day-vulnerability/108958/