Back to Blog

Unpatched Microsoft Word DDE Exploit Being Used In Widespread Malware Attacks

October 20, 2017

By: Sikur

win

Swati Khandelwal

19/10/2017

A newly discovered unpatched attacking method that exploits a built-in feature of Microsoft Office is currently being used in various widespread malware attack campaigns.

Last week we reported how hackers could leveraging an old Microsoft Office feature called Dynamic Data Exchange (DDE), to perform malicious code execution on the targeted device without requiring Macros enabled or memory corruption.

DDE protocol is one of the several methods that Microsoft uses to allow two running applications to share the same data.

The protocol is being used by thousands of apps, including MS Excel, MS Word, Quattro Pro, and Visual Basic for one-time data transfers and for continuous exchanges for sending updates to one another.

The DDE exploitation technique displays no “security” warnings to victims, except asking them if they want to execute the application specified in the command—although this popup alert could also be eliminated “with proper syntax modification.”

MORE: https://thehackernews.com/2017/10/ms-office-dde-malware-exploit.html

Contact us

Safety is essential to your decision making. We are sure that our team can clarify any doubts. After all, we understand security.

contact@sikur.com

Follow us

Try SIKUR





Contact Us
First Name*
Last Name*
E-mail*
Mobile Number*
Company*
Country*
Tell us what do you need* ?
Products: Hold CTRL+Click to add more than 1.* ?
Comments
I agree to the Privacy Policy and Terms of Service.