Vulnerability in Word Could Allow Remote Code Execution
I work with Exchange Server, but all Microsoft employees are very aware of security. I am posting this just so you are aware.
Stephen Toulouse has posted some blurbs about a security vulnerability in Word 2003 and Word XP.
https://blogs.technet.com/msrc/archive/2006/05/20/429612.aspx
https://blogs.technet.com/msrc/archive/2006/05/19/429353.aspx
You can also read more (such as the workarounds until a fix is released) at https://www.microsoft.com/technet/security/advisory/919637.mspx
I'm thinking that the above link will be updated with developments. It is version 1.0 at the time I write this.
Keep an eye on this one...