Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • DDEAUTO vulnerability evolving

    Posted on October 22nd, 2017 at 14:29 Kirsty Comment on the AskWoody Lounge

    Further to recent news on DDEAUTO vulnerability, this threat has, like all good malware, evolved.

    From nakedsecurity.sophos.com:

    On Friday, independent reports surfaced showing that it’s possible to run DDE attacks in Outlook using emails and calendar invites formatted using Microsoft Outlook Rich Text Format (RTF), not just by sending Office files attached to emails.

    In the original attack users had to be coaxed into opening malicious attachments. By putting the code into the email message body itself, the attack comes one step closer, meaning that the social engineering needed to talk a recipient into falling for it becomes easier.

    The good news is that whether a DDE attack comes via an attachment or directly in an email or a calendar invite, you can stop the attack easily:
    Just say no

    You can read their article here

    AdminITs might like to check out the Microsoft blog on ASR (Attack Surface Reduction), which is said to mitigate the risks – linked in the AdminIT Lounge topic “Enable Attack Surface Reduction in Win10-1709“.

    If that helped, take a second to support AskWoody on Patreon

    Home Forums DDEAUTO vulnerability evolving

    This topic contains 2 replies, has 3 voices, and was last updated by  woody 3 weeks, 5 days ago.

    • Author
      Posts
    • #139929 Reply

      Kirsty
      AskWoody MVP

      Further to recent news on DDEAUTO vulnerability, this threat has, like all good malware, evolved. From nakedsecurity.sophos.com: On Friday, independen
      [See the full post at: DDEAUTO vulnerability evolving]

      5 users thanked author for this post.
    • #140295 Reply

      anonymous

      Does clicking ESC at the DDE warning window have the same effect as clicking No ?

      As comparison, whenever there are dubious-looking or unwanted popup windows in the web browser, I always click ESC to close the popup. I understand that No (or even clicking anywhere on the popup) may sometimes activate whatever the popup was crafted to activate. So my SOP is to never click anything on the popup’s dialog window.

      • #140478 Reply

        woody
        Da Boss

        I don’t know.

        1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: DDEAUTO vulnerability evolving

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information: