LogMeTT.com • About Dynamic Data Exchange and TTPMacro
Page 1 of 1

About Dynamic Data Exchange and TTPMacro

Posted: Fri Feb 09, 2018 9:42 pm
by boris
This is a question to TeraTerm Project team.

As we know form Tera Term Source Code Overview, Tera Term uses Dynamic Data Exchange (DDE) mechanism to run macro scripts. DDE is very old protocol, has known vulnerabilities and starts being phased out by Microsoft.
As part of the December 2017 Patch Tuesday, Microsoft has shipped an Office update that disables the DDE feature in Word applications, after several malware campaigns have abused this feature to install malware. DDE stands for Dynamic Data Exchange, and this is an Office feature that allows an Office application to load data from other Office applications. For example, a Word file can update a table by pulling data from an Excel file every time the Word file is opened. DDE is an old feature, which Microsoft has superseded via the newer Object Linking and Embedding (OLE) toolkit, but DDE is still supported by Office applications.

The December Patch Tuesday disables DDE only in Word, but not Excel or Outlook. The reason is that several cybercrime and spam groups have jumped on this technique, which is much more effective at running malicious code when compared to macros or OLE objects, as it requires minimal interaction with a UI popup that many users do not associate with malware. For Outlook and Excel, Microsoft has published instructions on how users can disable DDE on their own, if they don't want this feature enabled.
Source

So, my question is - do you have plans to replace DDE with more modern and secure data exchange mechanism before Microsoft stops supporting DDE and disables it via one of its Windows updates. Macro scripting language is one of the main features that makes Tera Term unique. It would be very unfortunate to loose it.