In a recent blog post, Trend Micro said it saw the former zero-day remote code vulnerability being used with Power Point.
See Content that is updated periodically by software or that is streamed to the user agent is not required to preserve or present information that is generated or received between the initiation of the pause and resuming presentation, as this may not be technically possible, and in many situations could be misleading to do so.
An animation that occurs as part of a preload phase or similar situation can be considered essential if interaction cannot occur during that phase for all users and if not indicating progress could confuse users or cause them to think that content was frozen or broken.
For a mechanism to be considered "a mechanism for the user to pause," it must provide the user with a means to pause that does not tie up the user or the focus so that the page cannot be used.
The word "pause" here is meant in the sense of a "pause button" although other mechanisms than a button can be used.
"Auto-updating" refers to content that updates or disappears based on a preset time interval.
Common time-based content includes audio, automatically updated weather information, news, stock price updates, and auto-advancing presentations and messages.
A freelance security consultant and Handler at SANS Internet Storm Center has discovered a rather interesting exploit in Microsoft Word, one that allows an attacker to abuse the productivity program's ability to auto-update links.
This is a feature that is enabled by default—when you add links to external sources like URLs, World with automatically update them without any prompts. "The infection vector was classic: The document (‘N_Order#with 5 random numbers) was received as an attachment and has a VT score of 12/59 this morning.
Security outfit Fire Eye said back in April that it observed Office documents exploiting CVE-2017-0199 that download and execute malware payloads from different well-known malware families.