Any and all based on Word2007 which is inside a ZIP file envelope.
Plenty of Trojans and Viruses have exploited deliberately malformed ZIP/JPEG/PDF binary streams to cause the wrong length buffer to be allocated and then trample off the end in a very creative way. Executing data is a very common way for these nasties to get in.
There is usually a bit of social engineering involved too. The files typically have an intruiging title that invites the suckers to click on it. Though some are as dumb as "You have to see this!" (you don't).
Just look at all the MickeySoft super Tuseday bodges that come out - Dec
2011 was a particularly juicy set.
Point is once the damn thing is inside a corporate firewall it can spread like wildfire when some clueless numpty clicks on it.