Microsoft’s Security Advisory 4053440 (DDE vulnerability)

Microsoft has released Security Advisory 4053440 for the Dynamic Data Exchange (DDE) vulnerability in Microsoft Office. Here is some information about the topic.


What's the DDE vulnerability?

Microsoft Office provides the DDE protocol, a set of messages and guidelines, as one of several methods for transferring data between applications. The DDE protocol sends messages between applications that share data, and uses shared memory to exchange data between applications. Applications can use the DDE protocol for one-time data transfers and for continuous exchanges in which applications send updates to one another as new data becomes available.

There is a vulnerability in the Microsoft Office modules that support the DDE interface. This DDE vulnerability in Microsoft Word has probably been used in malware attacks to spread malware. Opening a compromised Word document file is sufficient to download and run the malware via the DDE interface.

Security Advisory 4053440

On November 8, 2017, Microsoft published the following security advisory, which deals with the DDE issue.

Microsoft Security Advisory 4053440
– Title: Securely opening Microsoft Office documents that contain
   Dynamic Data Exchange (DDE) fields
– Executive Summary: Microsoft is releasing this security
   advisory to provide information regarding security settings for
   Microsoft Office applications. This advisory provides guidance on
   what users can do to ensure that these applications are properly
   secured when processing Dynamic Data Exchange (DDE) fields.
– Originally posted: November 8, 2017
– Updated: N/A
– Version: 1.0

A TechNet document contains more details; in it, Microsoft describes ways to disable DDE in Excel, Word and Outlook via the registry or in the Trust Center.

