With the latest patches out this Tuesday, Microsoft has completely removed Equation Editor from all still supported Office versions, so it's a very good idea to also remove it from older Office versions ASAP. I'm guessing this drastic measure has to do with the fact that Microsoft doesn't seem to have the source code for this bundled third-party application, and since it's been under ongoing attack even after the previous binary patch was issued for it, they decided that continuing to patch the binary just wasn't feasible.
If your version of Office is still supported, simply apply the latest patches from Microsoft Update (see the CVE link below for manual downloads).
For older versions like Office 2000/XP/2003, you can either remove this feature with the Office installer and mark it unavailable (as described below in the If you don't use Equation Editor section), or simply replace the existing EQNEDT32.EXE with a 0-size empty file still called EQNEDT32.EXE (this appears to be what the patches for newer Office versions do).
See the following links for more details and Microsoft's suggestions for replacements of Equation Editor functionality.
This post used to be titled HOWTO: Install Office 2007 Equation Editor security update (KB4011604. aka KB4011276) on Office 2000/XP/2003 and had the following contents:
A remote code execution vulnerability was patched this month in Equation Editor, an Office component (CVE-2017-11882 | Microsoft Office Memory Corruption Vulnerability, Description of the security update for 2007 Microsoft Office Suite: November 28, 2017).
Official patches are available only for Office 2007 and higher, but since it's a standalone component that hasn't changed since the year 2000, and Microsoft has simply applied a binary patch to the executable and resigned it, you can also use this patch with Office 2000, XP and 2003.
NOTE: KB4011604 was initially released as KB4011276 for English and Chinese only. If you've already installed KB4011276, you don't need to install KB4011604, the Equation Editor payloads are byte-for-byte identical. If you prefer a statement from Microsoft (from the CVE link above): "Customers who have already installed the previously-released updates (4011276 or 2553204) do not need to take any further action."
If you don't use Equation Editor, instead of updating it, you might want to remove it from your computer altogether. (Even if you don't have it installed right now, since it defaults to Installed on First Use, it's a good idea to explicitly deselect it in the Office installer.)
Go to Control Panel > Add or Remove Programs, locate your Office 2000/XP/2003 installer and choose the Change option, then pick Add or Remove Features when the installer launces.
Find Equation Editor in the component tree. The exact location may differ depending on your Office version, in my case (Office XP) it was under Office Tools. To disable its installation, or remove it from your computer if already installed, mark it as Not Available and complete the update. You should no longer have an Equation folder under (typically) C:\Program Files\Common Files\Microsoft Shared.
If you do use Equation Editor, you'll have to update it manually. (Trying to run the installer, it'll just tell you that you don't have an applicable product installed.) To do this, you'll be needing 7-zip (or a similarly versatile unpacker).
Get the patch either as an EXE installer from the Download Center (English; other languages direct links by @Bersaglio) or a CAB file from WU/Catalog (English) .
Right-click on the downloaded file and choose to open it with 7-zip.
(EXE only) Select , right-click, Open Inside.
Select eqnedt32-[your-language].msp (e.g. eqnedt32-en-us.msp), right-click, Open Inside.
Select PATCH_CAB, right-click, Open Inside.
Extract EQNEDT32.EXE_[numeric language code] (e.g. EQNEDT32.EXE_1033) to a location of your choice and remove the numeric part from the file name, leaving you with EQNEDT32.EXE.
Copy this file to your Equation Editor folder, (typically) at C:\Program Files\Common Files\Microsoft Shared\Equation, replacing the old EQNEDT32.EXE in there. (If you like, you can make a copy of the old version, but you can always restore it later by re-running the Office installer.)
To make sure everything is kosher now, check EQNEDT32.EXE properties. The version should show 2017.8.14.0.
(Note that if you use the Office installer in the future to change installed components or repair your installation, it may put back the old EQNEDT32.EXE and you'll have to manually replace it again.)