A new wave of document attacks targeting inboxes do not require enabling macros in order for adversaries to trigger an infection chain that ultimately delivers FormBook malware. The attacks are adept at evading security solutions such as sandboxes and AV solutions, which fail when there is no malicious content or rogue links in a document to detect. Attackers are exploiting design flaws in the document formats, in combination with abusing unpatched instances of a remote code execution vulnerability CVE-2017-8570 patched in July.
Source: https://threatpost.com/word-attachment-delivers-formbook-malware-no-macros-required/131075/