[metafex]

This exploit is delivered with a PowerPoint document, so no remote hole. It's a bit strange, that the reference a CVE (for which no information is available) and just generically describe the campaign and whatnot. The real report though is only available after a registration? That's not really the way things should be done. If there is a threat, inform people about it and don't hide all the stuff.

[300bps]

To get the real report you have to give them your work email address and work phone number. The context of why they are asking for that is to make sure you're qualified to receive the information but you can be darned sure that list will make its way to the marketing department.