Weblog: News from the Lab
"Unspecified" Word vulnerability could lead to remote code execution
publish time: 2006-12-6 19:53:58

Today, Microsoft alerted customers to a new zero-day exploit, with very little explanation of how the exploit works other than that it could happen when opening or saving a Trojanized Word document:

********************************************************************
Title: Microsoft Security Advisory Notification
Issued: December 5, 2006
********************************************************************

Security Advisories Updated or Released Today
==============================================

 * Microsoft Security Advisory (929433)
  - Title: Vulnerability in Microsoft Word Could Allow
    Remote Code Execution
  - http://www.microsoft.com/technet/security/advisory/929433.mspx
  - Revision Note: Advisory published.

********************************************************************

The workarounds include not opening unsolicited document files. I don't know about you, but I receive unsolicited email all the time. A patch is forthcoming from Microsoft as they continue to investigate this mysterious Word flaw.