Here’s our quick ‘n’ dirty summary of the alert:
Microsoft Dynamic Data Exchange (DDE) is a legitimate and useful Microsoft feature that has been around since the 1980s. It allows an Office application to load data from other Office applications. (For example, a Word file can update a table by pulling data from an Excel file every time the Word file is opened.) Unfortunately, malware authors have found out that they can use it to con users into enabling macros that run malicious code. A fraudster creates phony Word files with DDE fields that, instead of opening another Office app, open a command prompt and run malicious code. A favorite trick has been to send what appears to be an invoice. When the user downloads the invoice and clicks on the embedded DDE links, the damage is done.
Data security 101: Always be wary of opening any emails from unknown senders, and certainly don’t open embedded documents. If you weren’t expecting a document from a known sender, check with them before opening an email with an attachment to make sure they really sent you the email.