![]() |
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Office as a malware delivery platform: DDE, Scriptlets, Macro obfuscation
Home › Forums › AskWoody blog › Office as a malware delivery platform: DDE, Scriptlets, Macro obfuscation
Tagged: DDE, KB 4011575, KB 4011590, KB 4011608, KB 4011612, KB 4011614, Macro obfuscation, Scriptlets
- This topic has 13 replies, 6 voices, and was last updated 3 years, 3 months ago.
Viewing 2 reply threads-
AuthorPosts
-
-
December 19, 2017 at 3:02 pm #153301
woody
ManagerI thought we got over the Office macro malware blues back in the 90s. Nope. All of that high-powered native document intelligence is coming back to bi
[See the full post at: Office as a malware delivery platform: DDE, Scriptlets, Macro obfuscation] -
December 19, 2017 at 3:55 pm #153311
MrJimPhelps
AskWoody_MVP -
December 19, 2017 at 4:14 pm #153313
Seff
AskWoody PlusPeople here often say “Don’t enable editing”, but how else can you alter or print a document? If there’s a safer way of doing so without e.g. switching products (I personally found Open Office to be incompatible with my then work when I tried it) then perhaps someone could kindly put forward a brief guide? I’m sure it would make a useful article.
-
December 19, 2017 at 4:27 pm #153316
zero2dash
AskWoody LoungerWoody mentioned (in a previous but related post) that Office Online doesn’t have these vulnerabilities, which does make sense. (More sense than most things related to MS.)
There is some free functionality with Office Online for anyone, even those without an active O365 subscription. You have to upload your files to OneDrive to then be able to open them in Office Online, but otherwise – you should be able to use that to ‘get around’ these vulnerabilities, if LO/OOo/GDocs do not meet your requirements.-
December 19, 2017 at 4:44 pm #153318
Seff
AskWoody PlusThanks for that Zero, but my immediate reaction is that copying all my files and documents to a separate MS storage site is kind of swapping one potential security concern for another! That’s only based on the briefest of Google research, however, so I’ll look into it a little more. Thanks again.
-
December 19, 2017 at 4:47 pm #153319
zero2dash
AskWoody LoungerI would give LibreOffice [Fresh] a shot; I’ve had better luck with LO keeping MS Office formatting intact than with Apache OpenOffice. (Other people swear by Kingsoft WPS Office, so that would be a second option if LO doesn’t fit the bill.)
-
December 21, 2017 at 9:26 am #153610
-
-
December 19, 2017 at 4:51 pm #153320
PKCano
ManagerI’ve had better compatibility with Libre Office. One thing you have to watch is the fonts. MS doesn’t embed fonts unless you make a point in doing so (which makes the file bigger). So if you open a MS created document, the font may be different from the original.
-
December 20, 2017 at 7:12 am #153386
MrJimPhelps
AskWoody_MVPI always use Calibri font when I type in MS Word; but this font is not available in Libre Office Writer.
However, if I create a document in Word, then open it in Writer, the document remains in Calibri in Writer.
I’m using Windows 7 / 8.1 and Linux Mint 18.2, if that means anything for this issue.
Group "L" (Linux Mint)
with Windows 8.1 running in a VM1 user thanked author for this post.
-
December 20, 2017 at 7:16 am #153387
-
December 20, 2017 at 12:19 pm #153426
MrJimPhelps
AskWoody_MVP -
December 21, 2017 at 9:29 am #153611
-
-
-
-
December 20, 2017 at 7:55 am #153388
woody
Manager-
December 20, 2017 at 12:22 pm #153428
MrJimPhelps
AskWoody_MVPI’m slowly moving everything possible over to Google Docs and Sheets.
Starting in 2018, I hope to be doing all of my day-to-day writing in Docs.
Well, that should increase your readership some — all of those folks at Google who scan through the docs and emails that people create and work on in Google Docs, Gmail, and other Google “free” products — they will now be reading what you are writing!
Group "L" (Linux Mint)
with Windows 8.1 running in a VM
-
-
-
-
AuthorPosts
Viewing 2 reply threads -
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Search Newsletters
Search Forums
Recent Replies
MrToad28 on MS-DEFCON 2 – Deferring the April Updates
2 minutes agob on The ides of March
4 minutes agoPKCano on 2000013: How to clear the Windows Update queue in Win10
17 minutes agob on Outlook cannot read the calendar
22 minutes agoSusan Bradley on MS-DEFCON 2 – Deferring the April Updates
35 minutes agoSusan Bradley on MS-DEFCON 2 – Deferring the April Updates
36 minutes agoanonymous on 2000013: How to clear the Windows Update queue in Win10
38 minutes agob on Outlook cannot read the calendar
39 minutes agocastiel on The ides of March
42 minutes agoabbodi86 on Standalone installer script for Windows 7 ESU, regardless the license
1 hour, 6 minutes agoMicrofix on How much RAM does your computer have?
1 hour, 12 minutes ago280park on MS-DEFCON 2 – Deferring the April Updates
1 hour, 14 minutes agoGoneToPlaid on Firefox SSD capacity usage ?
1 hour, 25 minutes agoOld enough to know better on Inside tech support scams
1 hour, 37 minutes agoBob99 on Dism RestoreHealth shows two “Versions” and Q re 20H2 “Experience”
1 hour, 44 minutes agoWCHS on 20H2 and and OOB optional March 18 printer problem update
2 hours, 4 minutes agoanonymous on 2000013: How to clear the Windows Update queue in Win10
2 hours, 15 minutes agobamateau on Outlook cannot read the calendar
2 hours, 17 minutes agoPKCano on MS-DEFCON 2 – Deferring the April Updates
2 hours, 34 minutes agoPKCano on 2000013: How to clear the Windows Update queue in Win10
2 hours, 39 minutes agoMrToad28 on MS-DEFCON 2 – Deferring the April Updates
2 hours, 39 minutes agoanonymous on Are you a Consultant or IT Pro?
2 hours, 41 minutes agoanonymous on 2000013: How to clear the Windows Update queue in Win10
2 hours, 45 minutes agoOscarCP on Good animated movies and shows for ages ten to one hundred and ten.
2 hours, 47 minutes agoMicrofix on Firefox SSD capacity usage ?
2 hours, 52 minutes agoSky on Firefox SSD capacity usage ?
3 hours, 4 minutes agoMicrofix on Firefox SSD capacity usage ?
3 hours, 18 minutes agoPKCano on Dism RestoreHealth shows two “Versions” and Q re 20H2 “Experience”
3 hours, 19 minutes agoLHiggins on Question about allowing/stopping laptop from turning off USB device
3 hours, 23 minutes agoAlex5723 on Question about allowing/stopping laptop from turning off USB device
3 hours, 26 minutes ago
Recent Topics
-
Dism RestoreHealth shows two “Versions” and Q re 20H2 “Experience”
1 hour, 44 minutes ago
-
Firefox SSD capacity usage ?
1 hour, 25 minutes ago
-
Android : New Wormable Malware Spreads by Creating WhatsApp Auto-Replies
7 hours, 8 minutes ago
-
KB4092436 – can neither install it or hide it
5 hours, 14 minutes ago
-
MS-DEFCON 2 – Deferring the April Updates
2 minutes ago
-
Tasks for the weekend – April 10, 2021 – change your Office
13 hours, 20 minutes ago
-
Grandma, what big updates you have!
16 hours, 8 minutes ago
-
Mapping a drive
15 hours, 50 minutes ago
-
vssvc?
11 hours, 29 minutes ago
-
Inside tech support scams
1 hour, 37 minutes ago
-
Hackers hacked Swarmshop stolen credit cards database
1 day, 13 hours ago
-
DuckDuckGo updates its plugin to block Google’s creepy FLoC
11 hours, 47 minutes ago
-
Initial Apple M1 SoC Support Aims For Linux 5.13 Kernel
1 day, 13 hours ago
-
How much RAM does your computer have?
1 hour, 13 minutes ago
-
odd optional update
1 day, 20 hours ago
-
Editing a PDF in Mint
3 hours, 40 minutes ago
-
20H2 and and OOB optional March 18 printer problem update
2 hours, 4 minutes ago
-
20H2 and 2020-02 CU for .NET
1 day, 19 hours ago
-
20H2 and Adobe Flash Player
6 hours, 11 minutes ago
-
How to set MLB homepage in Edge Chromium
2 days, 3 hours ago
-
Scraped data of 500 million LinkedIn users being sold online
2 days, 4 hours ago
-
Question about allowing/stopping laptop from turning off USB device
3 hours, 23 minutes ago
-
Office 2010 Installer “Wanted”
5 hours, 56 minutes ago
-
Subscribed topics
1 day, 15 hours ago
-
New age olympics – hacking contest
1 day, 23 hours ago
-
Questions about installing Brave on Linux Mint
4 hours, 7 minutes ago
-
Testing if I could post a thread
1 day, 5 hours ago
-
File Explorer shortcut 30 – 45 seconds to open a window
1 day, 23 hours ago
-
Basic Asset Management Software
2 days, 7 hours ago
-
My first OEM Linux PC (laptop)!
2 days ago
Search for Topics
Recent blog posts
- MS-DEFCON 2 – Deferring the April Updates
- Tasks for the weekend – April 10, 2021 – change your Office
- Inside tech support scams
- How much RAM does your computer have?
- Are you a Consultant or IT Pro?
- Windows Update for Business isn’t just
- April 2021 Office non-Security Updates are now available
- Touchscreen misregisters point-and-clicks
Key Links
Copyright © 2004 – 2021 AskWoody Tech LLC. All rights reserved.