Microsoft released a security advisory to disclose a remote code execution vulnerability in Microsoft Office. Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office. The attacker could exploit the vulnerability to run arbitrary code in the context of the current user. (Vulnerability ID: HWPSIRT-2017-10074)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-11826.
Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-office-en