Interesting via @MyYiff and others - .iqy files (that open in Microsoft Excel), trigger DDE exploit. Mass spamming right now. Bypass mail gateways it appears. https://www.virustotal.com/en/file/a0b80b57879ef437709bae7e2896efb7be9bd57291e64bc58d7cd13bd1de9f27/analysis/ …
-
-
Ok, so that's consistent with it being allowed by default in Excel by not in Word, post-updates. I must have misread that advisory when it was updated. But...I need to dig into exactly what MS is doing here.
-
So yeah, that's it: the Dec. update blocks it in Word, but the Jan. Excel update just gives you more blocking options should you so choose. (Fortunately, just realized I was using the old Excel reg settings to block anyway.) Office security can never, ever be simple, can it?
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.