22nd October 2017 By Bill Brenner
In the last two weeks, Sophos researchers have kept an eye on a vulnerability in Microsoft’s Dynamic Data Exchange (DDE) protocol used to send messages and share data between applications.
Yesterday, new developments revealed an additional dimension to this attack.
Early on, we noted that attackers could exploit DDE to launch malware via tainted Office attachments, for example in Word and Excel files, but without using macros.
On Friday, independent reports surfaced showing that it’s possible to run DDE attacks in Outlook using emails and calendar invites formatted using Microsoft Outlook Rich Text Format (RTF), not just by sending Office files attached to emails.
Full Article.
