New DDE attack through Outlook

A vulnerability has been detected in Microsoft's Dynamic Data Exchange (DDE) protocol. The protocol allows information to be exchanged between applications.

In the past, this vulnerability was used from inside Office files, such as Word and Excel. These attacks do not work as long as files are only opened in read-only mode, which is the default mode for files that come from outside. However, a new type of attack has surfaced.

The new attack uses Outlook. For example, the victim receives a calendar invitation. Fortunately, abuse of the vulnerability can be prevented in this case too. Before the attack becomes active, the user is prompted to agree to two requests that are presented on pop-up screens.

Don't agree. Click "No".

If you do that on the first screen, the second screen will not be presented to you. However, even after clicking "Yes" on the first screen, you still have the option on the second screen to stop the malware from being started.

Click "No".

If you have clicked "Yes" on both screens, turn off your computer and warn the ICT Service Desk and CERT-UT.