Please read this blog posting. There are now 2 extremly critical holes in MS Word that alow a remote attacker to run code on your system. If you run as administrator(and most do) this can lead to a remote system takeover. There is no workaround except to not open word documents. A/v vendors are slowly catching up. update daily. If you are an ECC customer with a ECC installed firewall the anti-virus updates hourly. Right now ECC must advise all clients to be extra vigilant in accepting any attachments at all.
Eeye has a good MS zero-day exploit tracker right here.