…on what seem to be attempts to exploit another ancient vulnerability, again from the group currently launching attacks on Tibetan NGOs. When the malicious, specially-crafted Word file is opened, shellcode writes and executes a malicious payload.
The typically comprehensive article states that their samples are not being detected by AV at present.
Hat tip to @dinodaizovi for flagging the article.
David Harley CITP FBCS CISSP