Microsoft patch Tuesday addressed vulnerabilities in Office 2004 Mac and is part of the 26 patches released. MS10-103 and MS10-104 are both ranked with mid level risk and impact by Microsoft. An attacker needs to entice a user to open a maliciously crafted Excel file or PowerPoint file. The impact is that the attacker gains the users privileges, if the user is logged in as an administrative user the impact will be critical.
Users should never perform tasks such as email, word processing or web cruising as an administrator. In addition Mac users should never open files from un-trusted sources. In addition to anti-virus software network shares should be scanned especially if the users share documents across multiple platforms. Many Mac administrators do not have anti-virus software scanning Mac OSX server directories even though ClamXav engine is included for mail. See http://www.clamxav.com/index.php?page=dl for more information on how to set it to scan particular directories. Intego also offers a server product which is top notch.
This update does not affect Office 2008 Mac.