skip to Main Content

Microsoft Word Disabled DDE feature to avoid malware threat

Microsoft Word Disabled DDE feature to avoid malware threat

Microsoft Word Disabled DDE feature to avoid malware threat – Microsoft Company has recently disabled DDE features on MS Word application in order to protect system from malware attacks. The discontinuation of DDE features in Word was taken by company in the month of December 2017. This is a preventive step taken against malware practices by Cyber criminals. The Cyber criminals uses DDE feature of Microsoft word to install malware on Computers.

What is the DDE feature in MS Word?

The DDE stands for Dynamic Data Exchange meant for exchanging data between Microsoft applications like word and excel. The new initiative replaced DDE with Object linking and Embedding (OLE) toolkit. Alternatively, we can say that one office application can load data from other office applications. For example – If an excel file is embedded in a word document, the data in the word table will be updated every time the word file is opened.

Microsoft messages “The DDE protocol is a set of messages and guidelines. It sends messages between applications that share data, and uses shared memory to exchange data between applications. Applications can use the DDE protocol for one-time data transfers and for continuous exchanges in which applications send updates to one another as new data becomes available”.

How malware do installed using DDE protocol?

In an email attack scenario, an attacker could leverage the DDE protocol by sending a specially crafted file to the user and then convincing the user to open the file, typically by way of an enticement in an email. The attacker would have to convince the user to disable Protected Mode and click through one or more additional prompts. As email attachments are a primary method an attacker could use to spread malware, Microsoft strongly recommends that customers exercise caution when opening suspicious file attachments.

Leave a Reply

Back To Top
%d bloggers like this: