Hackers used specially-crafted Microsoft Word documents during the last few months to abuse an Integer Overflow bug that helped them bypass sandbox and anti-malware solutions and exploit the Microsoft Office Equation Editor vulnerability. The bug can be used to carry any payload into an OLE file, so this can be chained to pretty much any Word vulnerabilty. Microsoft chose not to release a security patch because “the issue on its own does not result in memory corruption or code execution”” although it “”acknowledged it was unintended behavior”””
Source: https://www.bleepingcomputer.com/news/security/hackers-revive-microsoft-office-equation-editor-exploit/