You are right that the usage of the term is confusing in this context. I think it still communicates two critical aspects: First, this is being exploited right now in the wild (and was when it was discovered it sounds like).
Second, your windows machines are almost certainly vulnerable right this moment, and you should update immediately.
Perhaps they could have phrased it more clearly, but considering that it sounds like a full exploit on opening a powerpoint document, some alarm is appropriate.
I also think it was a little brash to name it "Sandworm" when it is not, as far as we know, a worm. It certainly has the potential to be used as the key exploit in a worm though.
Perhaps they could have phrased it more clearly, but considering that it sounds like a full exploit on opening a powerpoint document, some alarm is appropriate.
I also think it was a little brash to name it "Sandworm" when it is not, as far as we know, a worm. It certainly has the potential to be used as the key exploit in a worm though.