Skip to main content

Mitigating the Microsoft DDE Vulnerability

Microsoft released guidance to ensure that Microsoft Office applications are properly secured when processing Dynamic Data Exchange (DDE) Fields. Applications use the DDE protocol for one-time data transfers and for continuous exchanges in which applications send updates to one another as new data becomes available. A number of exploits have been designed that leverage the DDE protocol to launch malware through MS Office applications such as word and excel. Administrators are strongly advised to review Microsoft Security Advisory 4053440 and implement the mitigation measures. Detailed advisory