Security News > 2017 > November > Russian 'Fancy Bear' Hackers Using (Unpatched) Microsoft Office DDE Exploit

2017-11-09 01:07
Cybercriminals, including state-sponsored hackers, have started actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider as a security issue and has already denied to patch it. Last month, we reported how hackers could leverage a built-in feature of Microsoft Office feature, called Dynamic Data Exchange (DDE), to perform code execution on the
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/NJpDug3pK2o/apt28-office-dde-malware.html
Related news
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert! (source)
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- Fake Microsoft Office add-in tools push malware via SourceForge (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Microsoft isn't fixing 8-year-old shortcut exploit abused for spying (source)
- Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)