Threat Post

Microsoft Provides Guidance on Mitigating DDE Attacks

Microsoft published guidance for Windows admins on how to safely disable Dynamic Data Exchange (DDE) fields in Office that are being used to spread malware in email-based attacks. Despite a rash of ...
eWeek

Attacks Exploit Microsoft Dynamic Data Exchange Protocol

In this episode of eSpeaks, Jennifer Margles, Director of Product Management at BMC Software, discusses the transition from traditional job scheduling to the era of the autonomous enterprise. eSpeaks’ ...
Bleeping Computer

Microsoft Office Attack Runs Malware Without Needing Macros

Malware authors don't necessarily need to trick users to enable macros to run malicious code. An alternative technique exists, one that takes advantage of another legitimate Office feature. This ...
Threat Post

Legacy Office Feature Used In Novel Document Attacks

A forgotten feature in Microsoft Office allows attackers to bypass antivirus scanners and pull off document-based attacks to install malware. Recent document-based attacks have leveraged malicious ...
Computerworld

Surprise! Excel gets a variation of the Word DDE block settings

You may recall that Microsoft disabled automatic Dynamic Data Exchange (DDE) in Word back in December. I wrote about the problem and its solution in “Office as a malware delivery platform: DDE, ...