A cyberespionage team, possibly based in Russia, has been using a Windows zero day vulnerability to target a variety of organizations in several countries, including the United States, Poland, Ukraine and western Europe. The attackers use highly targeted spearphishing emails in order to lure users into opening a rigged PowerPoint file that contains the exploit code for the vulnerability. The vulnerability, which will be patched today by Microsoft, is trivially exploitable and researchers say that the team behind the attacks have been using it since August.
Source: https://threatpost.com/sandworm-apt-team-found-using-windows-zero-day-vulnerability/108815/