Security researchers are reporting that a weakness in the way Microsoft Office applications handle Macromedia Flash files can expose users to remote hacking attacks.
Security software firm Symantec has warned that Flash files embedded in Office documents could run and execute malicious code without any warning.
Symantec said in its alert, "A successful attack may allow attackers to access sensitive information and potentially execute malicious commands on a vulnerable computer."
The vulnerability relates to ActiveX controls in an Office document. Microsoft said the threat was not a vulnerability but was linked to established features in Office documents.
Microsoft has admitted though that the functionality could be used by an attacker to automatically load an ActiveX control onto a user's system via an Office document.
ActiveX controls are small applications usually used to make websites more interactive. Users can prevent potential attacks by blocking such controls in their applications, said Microsoft.
Microsoft is already currently dealing with two other reported security threats in its Excel spreadsheet program, which is part of the Office suite.