Proofpoint said the trojan was distributed to millions of recipients across numerous organisations in Australia, which they claimed was the primary country of this attack.
Microsoft has issued a patch for this vulnerability, the details of which were reported by iTWire on Sunday.
The dialog box that appears when users open the document on a vulnerable system.
Sherrod DeGrippo, director of Emerging Threats for Proofpoint, said: "Threat actors continue to demonstrate their flexibility and adaptability, rapidly taking advantage of new means of infecting users.
"Although attacks relying on document exploits are increasingly uncommon, they certainly remain in attackers' toolkits. New, exploitable vulnerabilities are often not readily available but, in this case, attackers obviously jumped at an opportunity to launch a large campaign that relied on this new exploit."
Microsoft also released additional updates for vulnerabilities in its products overnight, as part of its monthly security updates.