Blog
Aniruddha Dolas

About Aniruddha Dolas

Aniruddha Dolas is part of the HIPS (Host-based Intrusion Prevention System) team in Quick Heal Security Labs. He has worked on various security vulnerabilities reported in MS Office and Acrobat PDF Reader, and network-based vulnerabilities. He has a keen interest in writing blog posts on trends observed during his research.

Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’ – An Analysis by Quick Heal Security Labs

  • 15
    Shares
 February 5, 2018

Estimated reading time: 4 minutes

No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro, CVE-2017-0199, CVE-2017-8759 and DDE-based attack. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability CVE-2017-11882. Let’s take a look...

An emerging trend of DDE based Office malware – an analysis by Quick Heal Security Labs

  • 41
    Shares
 December 6, 2017

Estimated reading time: 3 minutes

For the past few years, we have been seeing macro-based attacks through Object Linking Embedding (OLE)/Microsoft Office files. But, presently, attackers are using a different technique to spread malware through Office files – using a new attack vector called ‘Dynamic Data Exchange (DDE)’. DDE is an authorized Microsoft Office feature that provides several methods for transferring data between applications. Once the communication protocol is established, it doesn’t require user interactions...