It sort of flew under the radar amongst larger incidents and attacks over the past month, but the Microsoft DDE abuse popped up, which is essentially a feature in Office products that allows the execution of an application when provided the link to it in the doc. The feature is meant to allow a document to automatically update itself from external data sources. And, much like macros in the past, disabling DDE (and OLE) in Office could break features that some people do rely on. Nonetheless, there is advice out there from ThreatPost/Microsoft.