Security News > 2017 > October > Unpatched Microsoft Word DDE Exploit Being Used In Widespread Malware Attacks

2017-10-20 03:07
A newly discovered unpatched attacking method that exploits a built-in feature of Microsoft Office is currently being used in various widespread malware attack campaigns. Last week we reported how hackers could leveraging an old Microsoft Office feature called Dynamic Data Exchange (DDE), to perform malicious code execution on the targeted device without requiring Macros enabled or memory
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/frEukka96gU/ms-office-dde-malware-exploit.html
Related news
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features (source)
- Open-source malware doubles, data exfiltration attacks dominate (source)
- PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks (source)
- Fake Microsoft Office add-in tools push malware via SourceForge (source)
- New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner (source)
- Microsoft Defender will isolate undiscovered endpoints to block attacks (source)
- Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader (source)