Unfortunately what you have will only scratch the surface when it comes to vulnerabilities.
MS Office files can have files attached/embedded within them as well as have macros attached to them. PDFs can also have functionality added to them.
A thorough check of an uploaded Word or Excel document would have you actually open up the file within your uploader and then checking for Macros or Embedded/Attached files.
A cheap trick that you can do with the current versions (docx, xlsx) is to utilize the fact that they actually are ZIP files with content files within them.
You could un-zip these and review all of the files that are within it and look for malicious files.
No matter what, this is going to require quite a bit of research to do:
Google: Office Interop Word Embedded Files[
^]
Google: Office Interop Word Macro[
^]
My Recommendation would be to purchase and utilize actual software specializing in protecting from malicious uploads; like the kind used to scan email attachments. If your company already has this there may be an API available to use.