The prevalence of attacks driven by malicious documents has been long-standing, and the recent serious vulnerabilities CVE-2021-40444 and CVE-2022-30190 have made malicious documents even more rampant. In this talk, we will analyze nearly a hundred samples of malicious documents within the past six months, investigating the CVEs, common exploitation techniques, and evasion methods they utilize. We will also point out the trends in exploiting malicious documents vulnerabilities in recent times, and suggest the key points to be aware of when detecting and scanning them.