A security flaw in Excel could put more than 120 million users at risk.
The loophole is in the Power Query function.
It allows you to link an Excel spreadsheet to an external data source, such as another Excel workbook or a web document.
In practice, the vulnerability allows cybercriminals to add malicious code and infect the victim's PC.
The vulnerability in the spreadsheet editor was discovered by researchers at online security company Mimecast and disclosed on Thursday (27).
The company advises users to disable the DDE feature (an old technology that allows data transfer in the Office suite) to prevent attacks; see how to do it at the end of the story.
Speaking to dnetc, Microsoft explained that, since 2018, an update has enabled customers to define the functionality of the DDE protocol, and that for anyone to actually be hit by the virus, they would have to ignore several standard program security alerts.
The flaw discovered by Mimecast could open the way for "sophisticated and hard-to-detect antivirus attacks," as the official statement explains.
The Power Query function bridges an external database to the Excel spreadsheet to which it is linked.
The purpose of the feature is to automatically update the file whenever the online database is modified.
However, the loophole allows hackers to embed infected content into an external data source.
If that source is connected to a spreadsheet in Excel, the user's computer will be exposed to a range of malware as soon as the file is opened.
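A defender can check which external sources a workbook declares before anyone opens it. The following is an added example, not code from Mimecast, Microsoft or dnetc: it lists the web queries, database connections and DDE links stored in an .xlsx file. The sample workbook parts are constructed, and treating a "Microsoft.Mashup" provider string as the marker of a Power Query connection is an assumption.

```python
import io
import zipfile
import xml.etree.ElementTree as ET  # on untrusted files prefer defusedxml

NS = "http://schemas.openxmlformats.org/spreadsheetml/2006/main"
Q = "{%s}" % NS  # namespace prefix in ElementTree's tag notation


def scan_workbook(data):
    """List external data sources declared inside an .xlsx (zip) file."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if name == "xl/connections.xml":
                for conn in ET.fromstring(zf.read(name)):
                    auto = conn.get("refreshOnLoad") in ("1", "true")
                    for pr in conn:
                        if pr.tag == Q + "webPr":
                            findings.append(("web-query", pr.get("url"), auto))
                        elif pr.tag == Q + "dbPr":
                            cs = pr.get("connection", "")  # assumption: Mashup = Power Query
                            kind = "power-query" if "Microsoft.Mashup" in cs else "database"
                            findings.append((kind, cs, auto))
            elif name.startswith("xl/externalLinks/") and name.endswith(".xml"):
                for el in ET.fromstring(zf.read(name)).iter(Q + "ddeLink"):
                    target = "%s|%s" % (el.get("ddeService"), el.get("ddeTopic"))
                    findings.append(("dde-link", target, False))
    return findings


def build_sample():
    """Constructed workbook parts for the demo (not a complete, openable file)."""
    conns = ('<connections xmlns="%s">'
             '<connection id="1" name="feed" type="4" refreshOnLoad="1">'
             '<webPr url="http://data.example.test/feed.html"/></connection>'
             '<connection id="2" name="Query - Q1" type="5"><dbPr connection='
             '"Provider=Microsoft.Mashup.OleDb.1;Location=Q1"/></connection></connections>' % NS)
    ext = ('<externalLink xmlns="%s"><ddeLink ddeService="SampleService" '
           'ddeTopic="SampleTopic"/></externalLink>' % NS)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("xl/connections.xml", conns)
        zf.writestr("xl/externalLinks/externalLink1.xml", ext)
    return buf.getvalue()


if __name__ == "__main__":
    for kind, target, auto in scan_workbook(build_sample()):
        print(kind, target, "refresh-on-load" if auto else "")
```

A connection flagged with refresh-on-load asks Excel to fetch its data when the file is opened, so those entries are the first to review.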
A post on the official Mimecast website recommends disabling the DDE feature, an older Microsoft technology that transfers data between applications, to prevent viruses from entering the computer.
DDE comes enabled by default in Excel.
Contacted by dnetc, Microsoft explained that the flaw is difficult to exploit, as all versions of Excel display a security warning before loading external data and executing a command from a DDE formula.
"For this technique to work, the user would need to be impacted by some social engineering action and ignore multiple security prompts before loading external data or executing a command from a DDE formula," reads the statement.
In addition, "a security update was released in January 2018 for all editions of Microsoft Excel, allowing customers to define DDE protocol functionality," the statement added.
To disable DDE, open Excel and select "File".
In the left column, choose "Options";
In the window that opens, go to "Trust Center" and press the "Trust Center Settings" button;
Go to "External Content" in the side column and disable automatic updating in the "Security Settings for Workbook Links" section.
Confirm the setting with "OK".
As additional protection options against DDE-based malware attacks, Microsoft suggests the following custom policies: