Microsoft issues advisory to users after macro-less malware attacks

Hackers have been found exploiting a freshly-uncovered vulnerability in Microsoft’s software to install malware on business computers.

According to security researchers, since last month a Russia-linked hacking group known as APT28 have been using a Microsoft protocol called Dynamic Data Exchange (DDE) to run malicious code through a poisoned Word document.

Targeted attacks linked to APT28 (also sometimes known as the “Fancy Bear” hacking gang) have taken advantage of the recent New York City terror incident in an attempt to plant spyware via the method.

DDE, as its name suggests, allows messages and data to be shared between applications. Last month, it was discovered that it was possible to launch attacks exploiting DDE through Word documents, Excel spreadsheets, and Outlook even when macros have not been enabled.

Source: Tripwire