Microsoft released the July 2020 Office security updates with a total of 25 security updates and 5 cumulative updates for 7 different products, fixing 17 vulnerabilities that could allow remote attackers to execute arbitrary code on unpatched systems. Microsoft also patched a maximum severity wormable DNS vulnerability yesterday, with two of them actively exploited in the wild. The 9 RCE vulnerabilities patched this month are rated by Microsoft as either Critical or Important severity issues since they could enable attackers to executed arbitrary code in the context of the current user after successful exploitation.
Source: https://www.bleepingcomputer.com/news/security/microsoft-office-july-security-updates-patch-critical-rce-bugs/