Monday, October 19, 21:42

Microsoft Excel: Hackers exploit a feature and attack!

Microsoft Excel is one of the most widely used programs, which makes it an attractive target for hackers. Recently it was found that some of the program's own legitimate features can help attackers even further. In short, the program creates a problem for itself.


Researchers from the company Mimecast discovered that an Excel feature named Power Query can make it easier for hackers to attack Office 365. Power Query enables users to combine data from different sources with a spreadsheet. However, this mechanism for connecting various elements can be used by hackers to connect to a malicious site containing malicious software. In this way, attackers can spread malicious Excel spreadsheets and gain access to victims' systems.

"Attackers do not have to carry out a very advanced attack. They can simply open Microsoft Excel and use their own tools," says Meni Farjon, Mimecast's lead scientist. "The exploit will work on all versions of Excel as well as newer versions, and will probably work on all operating systems and programming languages, because it is based on a legitimate feature."


When Power Query connects to a malicious site, attackers can start a Dynamic Data Exchange (DDE) attack, which exploits a Windows protocol that allows applications to share data in an operating system. Attackers can embed commands that enable DDE on their site and then use Power Query commands in a malicious spreadsheet to merge the site's data with the spreadsheet and start the DDE attack.

Microsoft always warns users when two programs are about to be linked, but hackers have managed to trick victims with DDE attacks (in both Word documents and Excel spreadsheets) since 2014.

In 2017, Microsoft advised users on how to avoid these attacks. It proposed disabling DDE for the various programs of its Office suite. However, the attacks continue. When the researchers disclosed their Power Query findings to Microsoft in June 2018, the company said it would not make any changes to the feature. Indeed, there has been no change since then. Farjon said his company had waited until now to reveal the findings publicly, hoping Microsoft would make a change. Meanwhile, during this time there is no evidence that Power Query is being used in attacks. These attacks are hard to identify because they come from a legitimate feature.

"Unfortunately, I think the attackers will certainly use it," says Farjon. "It's easy, exploitable, cheap and reliable."

Meanwhile, last week, Microsoft informed its users that hackers are exploiting another Excel feature to breach Windows machines, even if they have the most recent security updates. This attack, which seems to be primarily aimed at Koreans, starts with malicious macros. Attacks of this kind have been a big problem for Word and Excel for years.


Office 365 users want new, useful features, but any new feature may be a new risk. The more capable and flexible the programs are, the more hackers can exploit them. Microsoft said its scanning system, Windows Defender, was able to block last week's macro attacks because it knew what to look for. But Mimecast's findings show that hackers always find ways to get into systems and infect them with malicious software.

Microsoft says both malicious macros and Power Query can be controlled using an Office 365 management feature called "group policies". This feature allows administrators to customize settings on all of their organization's devices at the same time.
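Because the technique relies on a legitimate feature, one way for defenders to triage workbooks is to look inside the file itself: an .xlsx is a ZIP package, and Power Query connections and DDE links leave recognizable parts in it. The following is an added example, not code from Mimecast or Microsoft; the marker patterns are heuristics assumed for this illustration, and the sample workbooks are constructed with placeholder values.

```python
import io
import re
import zipfile

# Heuristic markers (assumptions of this example): (finding, part-name prefix, pattern).
CHECKS = [
    ("power-query-connection", "xl/connections.xml", re.compile(r"Microsoft\.Mashup\.OleDb", re.I)),
    ("web-query", "xl/connections.xml", re.compile(r"<webPr\b[^>]*\burl=\"[^\"]*\"", re.I)),
    ("power-query-definition", "customXml/", re.compile(r"<(?:\w+:)?DataMashup\b", re.I)),
    ("dde-link", "xl/externalLinks/", re.compile(r"<(?:\w+:)?ddeLink\b[^>]*>", re.I)),
]

def _text(raw: bytes) -> str:
    """Decode a package part; the Power Query customXml part is commonly UTF-16."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("utf-8", errors="replace")

def scan_workbook(data: bytes) -> list[tuple[str, str]]:
    """Return sorted (finding, part name) pairs for an .xlsx/.xlsm given as bytes."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        for name in pkg.namelist():
            text = _text(pkg.read(name))
            for label, prefix, pattern in CHECKS:
                if name.startswith(prefix) and pattern.search(text):
                    findings.append((label, name))
    return sorted(findings)

def build_sample(parts: dict[str, bytes]) -> bytes:
    """Constructed test input: a minimal ZIP holding only the parts under test."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        for name, body in parts.items():
            pkg.writestr(name, body)
    return buf.getvalue()

# Constructed samples (not taken from any real document); all values are placeholders.
SUSPECT = build_sample({
    "xl/connections.xml": b'<connections><connection id="1" type="5"><dbPr connection="Provider=Microsoft.Mashup.OleDb.1;Data Source=$Workbook$;Location=Query1"/></connection></connections>',
    "customXml/item1.xml": '<DataMashup xmlns="http://schemas.microsoft.com/DataMashup">PLACEHOLDER</DataMashup>'.encode("utf-16"),
    "xl/externalLinks/externalLink1.xml": b'<externalLink><ddeLink ddeService="ExampleService" ddeTopic="ExampleTopic"/></externalLink>',
})
CLEAN = build_sample({"xl/workbook.xml": b"<workbook/>"})

if __name__ == "__main__":
    for finding in scan_workbook(SUSPECT):
        print(finding)
```

A hit only means the workbook uses these features, which many legitimate spreadsheets do; it marks files worth a closer look before they are opened with data connections enabled.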



Absent Mia