Microsoft patches 45 unique vulnerabilities in nine products, including three under attack. The tech giant patches two more zero-day vulnerabilities that attackers had been exploiting in the wild for months. The code-execution flaw in Microsoft Word is a remote-code execution flaw that could allow an attacker to remotely take over a fully patched and up to date computer when the victim opens a Word document containing a booby-trapped OLE2link object. Microsoft has released a fix for CVE-2017-0199 and credited Ryan Hanson of security firm Optiv with reporting the critical vulnerability to the company.
Source: https://thehackernews.com/2017/04/microsoft-patch-tuesday.html