One of the four vulnerabilities discovered in Flash Player is exploited through Office documents that contain a link to an infected file.
All modern browsers have an “Ask before activating” feature that prevents Flash content from running automatically. Attackers therefore look for other ways to reach users, one of which is to embed Flash files in Office documents. One of the critical vulnerabilities (CVE-2018-5002), discovered by researchers at Icebrg and Qihoo 360, is exploited by having older editions of the well-known Microsoft productivity suite download the infected content.
The Office document is usually sent as an e-mail attachment. When the user opens the file, the infected code is downloaded from a remote server. This makes detection more difficult and lets the attackers select targets based on IP address. Adobe has already identified some attacks against Windows computers, so it has released a new version of Flash Player ahead of its usual schedule (the second Tuesday of the month).
The latest Office editions block Flash content automatically, while in Office 2007 and 2010 you need to disable ActiveX controls in the Trust Center, following the guide published by Microsoft. To resolve the vulnerabilities, you need to install version 220.127.116.11 for all platforms.
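One way a mail gateway or triage script can flag Office attachments that embed the Flash ActiveX control, shown here as an added example and not code from Adobe, Microsoft or the researchers. It assumes the ZIP-based Office formats (.docx, .xlsx, .pptx) and the well-known Shockwave Flash class ID; the function names, sample documents and URL are constructed for illustration.

```python
import io
import re
import uuid
import zipfile

# Well-known COM class ID of the Shockwave Flash ActiveX control.
FLASH_CLSID = uuid.UUID("D27CDB6E-AE6D-11CF-96B8-444553540000")
CLSID_TEXT = str(FLASH_CLSID).encode("ascii")  # text form used in activeX*.xml parts
CLSID_BYTES = FLASH_CLSID.bytes_le             # binary COM layout used in *.bin parts
URL_RE = re.compile(rb"https?://[^\s\"'<>\x00]+")
MAX_PART = 20 * 1024 * 1024                    # skip oversized parts (zip-bomb guard)


def scan_ooxml(data):
    """Return one finding per package part that references the Flash control."""
    try:
        package = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return []  # not an OOXML package; legacy OLE2 files need a different parser
    findings = []
    with package:
        for info in package.infolist():
            if info.file_size > MAX_PART:
                continue
            blob = package.read(info)
            if CLSID_TEXT not in blob.lower() and CLSID_BYTES not in blob:
                continue
            # Report remote URLs stored beside the control, minus XML namespace URIs.
            urls = sorted({u.decode("ascii", "replace") for u in URL_RE.findall(blob)
                           if not u.startswith(b"http://schemas.")})
            findings.append({"part": info.filename, "urls": urls})
    return findings


def build_sample(parts):
    """Build an in-memory package from {name: bytes}; used for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in parts.items():
            z.writestr(name, body)
    return buf.getvalue()


# Constructed samples: the URL and part contents are made up for this example.
ACTIVEX_XML = (b'<ax:ocx ax:classid="{D27CDB6E-AE6D-11CF-96B8-444553540000}" '
               b'xmlns:ax="http://schemas.microsoft.com/office/2006/activeX">'
               b'<ax:ocxPr ax:name="Movie" ax:value="http://example.invalid/a.swf"/></ax:ocx>')
SAMPLE_WITH_FLASH = build_sample({"word/document.xml": b"<w:document/>",
                                  "word/activeX/activeX1.xml": ACTIVEX_XML})
SAMPLE_CLEAN = build_sample({"word/document.xml": b"<w:document/>"})
```

A finding with a non-empty `urls` list is the case the article describes: a document whose Flash control points at content on a remote server. URLs stored as UTF-16 inside binary parts are not extracted by this sketch.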