Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Microsoft Issues Warning On Dynamic Data Exchange Vulnerability

Microsoft Issues Warning On Dynamic Data Exchange Vulnerability


With the Threat Group APT28 now using Microsoft's Dynamic Data Exchange (DDE) as an attack point, the company has issued an official advisory concerning the practice, along with possible mitigation methods. DDE is a protocol used for interprocess communications, such as the transferring of data between applications.
The advisory notes that attacks can take place via email and corrupt Word, Excel, Publisher and Outlook documents. An attack is conducted through email when an attacker sends the intended victim a specially crafted file with a name designed to entice the victim to open it. Unlike other attacks that use Word docs, with DDE the victims do not have to manually enable macros for the payload to download. Instead, infection happens automatically.
Microsoft offered several suggestions for stopping these attacks.
Source:
Microsoft
SC Magazine
Team Cymru
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis