A friend of mine clicked on a .doc attachment in a spam email because she had a moment of weakness in spite of all the precautions I've told her to take, and the email was cleverly worded.
But when I asked her if there were any dialogs that appeared when she opened the .doc file, she said no. I thought that the main threat with the outdated .doc format is that they can contain macros, and the newer versions of Word would present a dialog asking if you want to run the macro.
Since that did not happen, I am wondering now if there are other ways the .doc files can contain malware that will run with no user approval other than just opening the file.
BTW when I submit the .doc file to Virustotal, it detects trojan dropper, macro dropper, and various other garbage.
I am going to run a bunch of malware scanners on her system and see what comes up.
About Me: I have worked with multiple firms
You can check Software demonstration video, one of my work.