Office-Macro

Adversaries may exploit Microsoft Office applications to execute malicious JScript or VBScript by leveraging the Microsoft.XMLDOM COM interface to process and transform XML documents using XSL scripts, potentially leading to initial access or defense evasion.

A vulnerability in Microsoft Office for Mac allows malicious code to escape the application's sandbox and achieve persistence by abusing a faulty regex for temporary files.