Microsoft today will release a patch for a vulnerability affecting the Microsoft Office MSGraph component that could be exploited to execute code on a target machine. The security flaw is part of a larger set of security vulnerabilities that researchers at Check Point discovered in MSGraph and reported to Microsoft. Check Point reported the vulnerabilities to Microsoft on February 28 and three of them were patched last month. All four vulnerabilities can be embedded in most Office documents, leaving room for multiple attack scenarios with the vulnerability being triggered once the victim opens a malicious Office file.
Source: https://www.bleepingcomputer.com/news/security/microsoft-office-msgraph-vulnerability-could-lead-to-code-execution/