You may or may not be aware of a new type of attack potential called a DDE attack – a way of launching malware from a web download, an email attachment, or even directly from the body of an Outlook email message or calendar invite.
Just say no
Attachments, emails and calendar invites pop up two giveway warning dialogs before triggering a DDEAUTO attack; if you say “No” at either dialog then you prevent the attack.
First, you’ll see a warning like this when DDE is used:
Clicking “No” will stop a DDE attack from running.
If you click “Yes” at the first dialog, you will see a second dialog warning that a command is about to be run (the text in parenthesis and the program names referenced at the end will vary):
Again, clicking “No” will stop the attack.
For more information, please refer to the following page and video