MS Office docx files may contain external OLE Object references as HTML files. There is an HTML scheme
ms-msdt:which invokes the
msdtdiagnostic tool, what is capable of executing arbitrary code (specified in parameters).
The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros). New Microsoft Office Zero-Day Exploit
Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer