Security News > 2017 > November > Microsoft Provides Guidance on Mitigating DDE Attacks

Microsoft Provides Guidance on Mitigating DDE Attacks

2017-11-09 14:15

Microsoft published guidance for Windows admins on how to safely disable Dynamic Data Exchange (DDE) fields in Office that are being used to spread malware in email-based attacks.

News URL

http://threatpost.com/microsoft-provides-guidance-on-mitigating-dde-attacks/128833/

#attack #microsoft

Related news

Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
Microsoft fixes under-attack privilege-escalation holes in Hyper-V (source)
Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
Microsoft Teams phishing attack alerts coming to everyone next month (source)
CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks (source)
Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
Microsoft: Hackers steal emails in device code phishing attacks (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		382	52	1418	2914	175	4559

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.