Stephen Toulouse, security program manager, said on a company blog that Redmond's researchers are aware of the attacks and are working on an update for the flaw.
"We've kept the Office team engaged on a state of high alert over the past couple months for vulnerabilities relating to Office. Right now they are working on an update to address the issue," he said.
Microsoft released an advisory for the flaw this afternoon.
Symantec first warned PC users about the trojan, which it called PPDropper.B, on Wednesday, but said it had only infected a low number of users.
Microsoft last week said it was aware of "extremely limited, targeted attacks exploiting the vulnerability."
The Redmond, Wash., company released a batch of seven security fixes less than a week ago as part of its monthly Patch Tuesday release schedule.