Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Microsoft Publisher 'Dynamic Data Exchange (DDE)' Attacks Security Advisory (4053440)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is missing an important security update according to Microsoft Security Advisory 4053440.
Insight
Insight
The flaw exists as the Microsoft Office provides several methods for transferring data between applications and the 'DDE' protocol is one such set of messages and guidelines. It sends messages between applications that share data, and uses shared memory to exchange data between applications. Applications can use the DDE protocol for one-time data transfers and for continuous exchanges in which applications send updates to one another as new data becomes available.
Affected Software
Affected Software
Microsoft Publisher 2016 Microsoft Publisher 2013 Microsoft Publisher 2010 Microsoft Publisher 2007
Detection Method
Detection Method
Get the installed application version and check through the registry whether appropriate DDE features are disabled or not.
Solution
Solution
Disable the DDE feature via the registry editor or user interface as given in advisory.