Vulnerability in Word Could Allow Remote Code Execution
I work with Exchange Server, but all Microsoft employees are very aware of security. I am posting this just so you are aware.
Stephen Toulouse has posted some blurbs about a security vulnerability in Word 2003 and Word XP.
You can also read more (such as the workarounds until a fix is released) at http://www.microsoft.com/technet/security/advisory/919637.mspx
I'm thinking that the above link will be updated with developments. It is version 1.0 at the time I write this.
Keep an eye on this one...