However, Microsoft has offered a temporary fix that will protect Office 365 and Office 2019 users.
Firstly, the attack can be mitigated if Microsoft Office is running the default configuration and opens documents from the web in Protected View or Application Guard.
The former is a read-only mode where most editing functions are disabled, while the latter isolates untrusted documents.
Another workaround that Microsoft listed online is disabling the installation of all ActiveX controls.
Microsoft said: “Disabling the installation of all ActiveX controls in Internet Explorer mitigates this attack. This can be accomplished for all sites by updating the registry. Previously-installed ActiveX controls will continue to run, but do not expose this vulnerability.