The percentage of macro based malware rose from around 6% of all document malware in June, to 28% in July (by contrast, 58% of document malware used known exploits) VBA has a few advantages over the more popular approach of using known exploits. VBA code isnt tied to a specific, vulnerable version of Office, so the malware author has to hope that the user is running Office, that their version of it is vulnerable and that their anti-virus is out of date or unable to spot the exploit.”]
Source: https://nakedsecurity.sophos.com/2014/09/17/vba-injectors/

