Microsoft Disables Word DDE Feature To Prevent Further Malware Attacks

An anonymous reader writes: As part of the December 2017 Patch Tuesday, Microsoft has shipped an Office update that disables the DDE feature in Word applications, after several malware campaigns have abused this feature to install malware. DDE stands for Dynamic Data Exchange, and this is an Office feature that allows an Office application to load data from other Office applications. For example, a Word file can update a table by pulling data from an Excel file every time the Word file is opened. DDE is an old feature, which Microsoft has superseded via the newer Object Linking and Embedding (OLE) toolkit, but DDE is still supported by Office applications.

The December Patch Tuesday disables DDE only in Word, but not Excel or Outlook. The reason is that several cybercrime and spam groups have jumped on this technique, which is much more effective at running malicious code when compared to macros or OLE objects, as it requires minimal interaction with a UI popup that many users do not associate with malware. For Outlook and Excel, Microsoft has published instructions on how users can disable DDE on their own, if they don't want this feature enabled.

Re:Newer?

[angel'o'sphere]

No, OLE is the attempt of reinventing the Apple "OLE" which they had years before, but then dropped it as it is pointless.
CORBA is something completely different and has nothing to do with OLE at all. CORBA is an object oriented RPC (remote procedure call) "specification". It basically only works inside of the same "Server" (ORB = object request broker) family (same vendor, not even same OS is enough).
It got soon extended by the IIOP, internet inter ORB protocol, which made it possible that ORBs of different vendors could interact with each other.
While there are similarities, they have not much in common. In CORBA e.g. you have platform neutral specification languages (IDL, interface description languages) that make it possible to generate communication skeletons and "dumb data objects" to talk to any ORB. And then fill out the logic you need.
An ORB is basically a fancy "REST Server" ... or "SOAP", does not matter, means: A server application.
In other words: the data you manipulate is somewhere else. On the server.

With OLE every single Application on your Windows PC can be its own small server, able to handle requests to manipulate objects that are actually "embedded" into other programs.

You basically tell a remote (but still on the same machine) progam to manipulate your local data. OLE is basically CORBA reversed. Instead of calling business logic on the server, the other side manipulates the data in the client. (And there is no IDL/specification language, but you have to implement all the hooks the other side needs to manipulate your data)

P.S.
Similar to CORBA *and* OLE is MS COM and DCOM inspired by DECs was DCE, Distributed Computing Environment.
Or as a summary:
* CORBA is supposed to be used in a LAN/WAN and with IIOP over the internet, OLE is supposed to be used on the same machine, but it is possible to use OLE Servers (as in remote)
However, why anyone would use OLE for remote stuff when we have CORBA, SOAP and REST is beyond me.
* the CORBA server is called by clients, letting the server do something for them on the server
* OLE asks the server to do something inside of your own address space, you basically embed (hence the E in OLE) a part of the server into your own application, it is basically a super fancy DLL(dynamic link library)