There's an update in town, and it's all about locking it down: the 12.1.7 update to Microsoft Office 2008 (available within the suite via the software update tool, or downloadable from Microsoft) closes two security holes present in multiple versions of Microsoft Excel and first acknowledged by the company in February. These vulnerabilities could allow an attacker to create a specially-configured Excel file that, when opened, would allow full control of the target machine.
The update package also bundles up all the previous patches to Office 2008, which lends it heft (it weighs in at over 150 MB) but simplifies matters if you're a few revs behind. Note that there is no 12.1.6 update in the sequence; the previous patch level was 12.1.5.
If you haven't made the leap to Office 2008 yet (perhaps you're on a PPC Mac; perhaps you feel that you get better interoperability with Office 2003 users on Windows; perhaps you have to have Visual Basic support for macros), Microsoft is giving you the chance to consider moving up with a full-featured 30-day demo of Office 2008, now available for download in the USA. The package includes all the Office apps and can be upgraded to a paid license in the field without purchasing a boxed copy and reinstalling. Upgrades from previous editions of Office start at $240... of course, there are some less expensive alternatives out there.
[h/t Ars Technica]