Russian 'Fancy Bear' Hackers Using (Unpatched) Microsoft Office DDE Exploit

Cybercriminals, including state-sponsored hackers, have started actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider as a security issue and has already denied to patch it. Last month, we reported how hackers could leverage a built-in feature of Microsoft Office feature, called Dynamic Data Exchange (DDE), to perform code execution on the

from The Hacker News http://ift.tt/2hUUv5y
via IFTTT