Microsoft’s new update patches the Office DDE vulnerability currently being exploited in the wild

Microsoft rolled out a new update as part of Patch Tuesday that fixes an important vulnerability. The latest Patch Tuesday update disables the DDE feature in Word, which was recently abused to install malware.

In case you don’t know, DDE stands for Dynamic Data Exchange; it allowed Word to pull in data from other Office apps, such as a table or graph from Microsoft Excel or a database file from Microsoft Access. The feature is outdated and was superseded by the Object Linking and Embedding (OLE) toolkit. DDE is a very old feature, and considering the risks involved, disabling it was a smart decision by Microsoft.

Back in October, Microsoft also put up a Security Bulletin to advise and help users to disable DDE to prevent malware attacks. Microsoft also released this update for the unsupported Office 2007 to make sure no one remains a potential victim of an attack. If you still want to use DDE on your PC, you can use the following registry edit to re-enable it.

  • In the Registry Editor, navigate to \HKEY_CURRENT_USER\Software\Microsoft\Office\version\Word\Security (where version is the installed Office version) and locate the AllowDDE (DWORD) value.
  • Set the DWORD value based on your requirements as follows:

AllowDDE = 0: To disable DDE. This is the default setting after you install the update.
AllowDDE = 1: To allow DDE requests to an already running program, but prevent DDE requests that require another executable program to be launched.
AllowDDE = 2: To fully allow DDE requests.

We do, however, recommend that you not fiddle with the Registry Editor unless you know what you’re doing. It is better to leave DDE disabled, as it has caused problems in the past and is not safe to use right now.
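
To see how the setting described above is currently configured without opening the Registry Editor, here is a read-only PowerShell check. It is an added example, not code from Microsoft or the original article. The function name Get-WordDdePolicy is hypothetical, and the script walks every subkey under Office because the article gives the version part of the path only as a placeholder.

```powershell
# Added example (read-only): report the per-user AllowDDE value for each
# Office version key under HKCU. Get-WordDdePolicy is a hypothetical name.

# Meaning of each value, as listed in the article.
$DdeMeaning = @{
    '0' = 'DDE disabled (default after the update)'
    '1' = 'DDE only to already-running programs'
    '2' = 'DDE fully allowed'
}

function Get-WordDdePolicy {
    param([string]$OfficeRoot = 'HKCU:\Software\Microsoft\Office')

    if (-not (Test-Path $OfficeRoot)) { return }

    # The "version" part of the path differs per install, so walk every subkey.
    Get-ChildItem -Path $OfficeRoot -ErrorAction SilentlyContinue | ForEach-Object {
        $secKey = Join-Path $_.PSPath 'Word\Security'
        if (-not (Test-Path $secKey)) { return }   # no Word settings under this key

        $prop = Get-ItemProperty -Path $secKey -Name 'AllowDDE' -ErrorAction SilentlyContinue
        if ($null -eq $prop) {
            $value = $null
            $state = 'AllowDDE not set'
        } else {
            $value = $prop.AllowDDE
            if ($DdeMeaning.ContainsKey("$value")) { $state = $DdeMeaning["$value"] }
            else { $state = 'Unrecognized value' }
        }

        # Anything other than 0 means DDE was re-enabled for this user.
        $review = ($null -ne $value -and $value -ne 0)

        [pscustomobject]@{
            OfficeKey   = $_.PSChildName
            AllowDDE    = $value
            State       = $state
            NeedsReview = $review
        }
    }
}

Get-WordDdePolicy | Format-Table -AutoSize
```

A row with NeedsReview set to True means the value was changed to 1 or 2 for the current user. A missing value is reported as not set; per the article, 0 is the default once the update is installed.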

Via: Bleeping Computer
