How to Exploit DDE in Microsoft Office & Defend Against DDE Based Attacks

In our previous article, we learned how to take advantage of a feature, Dynamic Data Exchange (DDE), to run malicious code when an MS Word document is opened. Because Microsoft built DDE into all of its Office products as a way to transfer data one-time or continuously between applications, we can do the same thing in Excel to create a spreadsheet that runs malicious code when opened. The best part is, it will do so without requiring Macros to be enabled. Necurs Botnet Employs DDE Attack to Spread Locky Ransomware In the time since its discovery as an attack vector, many Black Hats have been... more