Do you use Office? There is one vulnerability in DDE, a feature built into Office applications that many currently use to launch attacks. DDE or Dynamic Data Exchange is a feature of Microsoft Office designed to give applications the ability to exchange data with each other.
You can use DDE for example to update a table in a Word document using Excel data.
The protocol is widely used, not only in Microsoft Office applications such as Word or Excel, but also through Visual Basic And much more.
What makes the vulnerability very worrying is that it does not require macros. Attacks that are currently being made use e-mails to distribute malicious Office documents.
The users που ανοίγουν αυτά τα έγγραφα λαμβάνουν προειδοποιητικές υποδείξεις στο Office. Το Word για παράδειγμα εμφανίζει την προειδοποίηση “Αυτό το έγγραφο περιέχει συνδέσμους που μπορεί να αναφέρονται σε άλλα archives. Do you want to update this document with the data from the linked files?”
Most security applications do not detect any threat to Office documents.
Of course you can always protect your data by selecting "no" when Office prompts appear. Below we will see how you can add another level of protection. This will allow you to protect your system regardless of the choices that Office users make when encountering such malicious documents.
Obviously, this is only an option if the DDE attribute is not required. Note that home users do not lose anything if they turn off DDE, but Companies they may need it and so may not want to turn off the feature completely.
Turn off DDE
If you are using Microsoft Word 2016 or Microsoft Excel 2016, select Options> Advanced and uncheck the "Update auto-open links" option.
In Excel, you should also select "Ignore other applications that use Dynamic Data Exchange (DDE)".
The settings are in the following ways:
In Excel, Management Templates> Microsoft Excel 2016> Excel Options> Advanced.
Ask to update the automatic links
Ignore the other applications
For Word Management Templates> Microsoft Word 2016> Word Options> Advanced.
Update the automatic links to the opening
Below we will see how you can do all this with one click .. from its Registry computer your:
The file you include in zip contains the following code:
Registry Editor Version 5.00 [HKEY_CURRENT_USER \ Software \ Microsoft \ Office \ 16.0 \ Word \ Options] "DontUpdateLinks" = dword: 00000001 [HKEY_CURRENT_USER \ Software \ Microsoft \ Office \ 15.0 \ "DontUpdateLinks" = dword: 00000001 [HKEY_CURRENT_USER \ Software \ Microsoft \ Office \ 14.0 \ Word \ Options \ WordMail] "DontUpdateLinks" = dword: Microsoft Office \ 00000001 \ Word \ Options \ WordMail] "DontUpdateLinks" = dword: 16.0 [HKEY_CURRENT_USER \ Software \ Microsoft \ Office \ Office \ 00000001 \ OneNote \ Options \ "DisableEmbeddedFiles" = dword: 15.0 [HKEY_CURRENT_USER \ Software \ Microsoft \ Office \ 00000001 \ Options] "DontUpdateLinks" = dword: 14.0 "DDEAllowed" = dword: 00000001 "DDECleaned" = dword: 16.0 [HKEY_CURRENT \ N \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ \ 00000001 \ Excel \ Options] "DontUpdateLinks" = dword: 15.0 "DDEAllowed" = dword: 00000001 "DDECleaned" = dword: 16.0 "Options" = dword:
Open the zip on your computer (for example, on the desktop) and double-click on the file.
