Abusing Microsoft Office DDE
Written on:October 23, 2017
Introduction Earlier this month I came across a post by the team at SensePost outlining their macro-less code execution technique using the antiquated DDE feature of Microsoft Word. As you may be aware, this feature has existed in Office for many years and was even written about over 15 years ago as a potential threat vector. Old or not, as we continue to put up obstacles in front of malicious actors…
Read more...In category: Exploits
Tags:dde , ddeauto , dynamic data exchange , Microsoft , Microsoft Word , office , outlook , phishing , word
Tags:dde , ddeauto , dynamic data exchange , Microsoft , Microsoft Word , office , outlook , phishing , word
are closed