Hackers use the dde vulnerability in word to distribute malware

A vulnerability was recently discovered in Word that allows malware to be distributed. This is possible by taking advantage of a function called " Microsoft Dynamic Data Exchange (DDE) ". Microsoft stated that it was not a vulnerability as such, so there was no need to fix anything. Something that has opened the door for hackers.

Hackers use DDE vulnerability in Word to distribute malware

The DDE protocol is an old function that allows users to easily load information from other applications without suffering compatibility problems. In other words, being able to load an Excel table into a Word document without any problem. But, in recent weeks, malicious campaigns have been detected that take advantage of this non-vulnerability.

Computer attacks taking advantage of DDE

Malicious documents are being used to distribute malware, mainly through email. Responsible hackers operate from Botnet Necurs, which controls more than 6 million computers worldwide. In this way they carry out a series of threats, such as hiding Trojans in malicious documents. But they are not the only computer attacks that have been detected.

Other more complex computer attacks have also been detected more complex attacks that distribute the RAT Trojan "DNSMessenger" that allows you to connect to the system remotely. Or even another that distributes the Locky ransomware. So the threats are diverse and real.

DDE is a legitimate function of Microsoft Office, so there is no protection available. The only thing users can do to protect themselves is to avoid downloading and opening any document from the Internet or that comes attached via email. This way we prevent them from taking advantage of this failure in the DDE protocol. While still waiting for Microsoft to do something, but the company does not see it as a vulnerability, so they are not going to do anything.