This critical vulnerability referenced under Microsoft Security Advisory ADV200004 affects Microsoft Office 2016, Microsoft Office 2019, Microsoft Office ProPlus 365 and Paint3D.
Microsoft have announced a remote code execution vulnerability that would allow attackers to gain control of systems with unpatched versions of Microsoft Office 2016, Microsoft Office 2019 and Microsoft Office ProPlus 365 as well as Paint3D which is installed by default with Windows 10.
We strongly advise that you update Microsoft Office and apply the latest Windows Security updates immediately.
Customers who are under a management agreement with S5 Technology Group have already had these updates applied.
For more information about this vulnerability and to get the associated security updates, refer to Microsoft Security Advisory ADV200004.