The now-patched vulnerability would have let hackers target Microsoft Office using Symbolic Link—a file type that hasn’t been in common use in over 30 years.