Home > Knowledge Centre > MS Office

Your Office Document is at Risk – XLL, A New Attack Vector

  • Anjali Raut / 3 years
  • 0
  • 8 min read

  Microsoft Office documents are used worldwide by both corporates and home-users alike.  It’s different office versions, whether licensed or unlicensed offers users an easy way to create and modify files. However, this software is also susceptible to cyberattacks. Cybercriminals often take advantage of its vulnerability and use VBA (Visual Basic Application) macros as entry […]

Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’ – An Analysis by Quick Heal Security Labs

  • Aniruddha Dolas / 8 years
  • 0
  • 5 min read

No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro, CVE-2017-0199, CVE-2017-8759 and DDE-based attack. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability CVE-2017-11882. Let’s take a look at in-depth analysis of one […]

An emerging trend of DDE based Office malware – an analysis by Quick Heal Security Labs

  • Aniruddha Dolas / 8 years
  • 0
  • 3 min read

For the past few years, we have been seeing macro-based attacks through Object Linking Embedding (OLE)/Microsoft Office files. But, presently, attackers are using a different technique to spread malware through Office files – using a new attack vector called ‘Dynamic Data Exchange (DDE)’. DDE is an authorized Microsoft Office feature that provides several methods for transferring data between applications. Once the communication protocol is established, it doesn’t require user interactions to exchange data between applications. The DDE […]