Skip navigation
All Places > The Mimecaster Central Blog > Blog > 2019 > June

My colleagues over at the Mimecast Threat Center have found and developed a technique that uses Power Query in Excel to dynamically launch a remote Dynamic Data Exchange (DDE) attack into an Excel spreadsheet and actively control the payload Power Query.


Mimecast worked with Microsoft as part of the Coordinated Vulnerability Disclosure (CVD) process to determine if this is an intended behavior for Power Query, or if it was an issue to be addressed. While they declined to issue a fix at this time, Microsoft published an advisory (4053440) that indicates steps and procedures to provide information regarding security settings for Microsoft Office applications. The advisory provides guidance on what users can do to ensure that these applications are properly secured when processing Dynamic Data Exchange fields. 


Note that if you are a Targeted Threat Protection user, you are protected from the use of this technique already.


You can check out the full story from my colleague Ofir Shlomo of Mimecast Threat Center over at the Mimecast blog, which details in depth a potential exploit using Power Query to launch a DDE exploit.

Michael Conley is the Director of Service Delivery Enablement at Mimecast. He has enjoyed assisting customers and growing a legendary support team since 2012. Michael was the FY16 Mimecaster of the Year.


Having been a member of the team since 2012, I have served in a variety of roles, from first line engineer to manager. My latest adventure aims to educate the thousands of great Mimecasters in our community, both internal and external. Mimecast is a powerful and diverse platform, and, as such, knowing where to begin educating yourself is not always easy.


Speaking from experience – the most beneficial area of the platform to start with is Track and Trace. Being able to determine a message’s journey through Mimecast, from receipt, through policy processing, to delivery, helps administrators determine the “where,” “when,” and “why” of email routing. 


Has an end user ever asked you why a message was blocked, delayed, or allowed through? That’s a rhetorical question, as we know they do! In the video below, I'll go through several of these scenarios and encourage both new administrators and long-time customers to take a look.


You will see me on the community helping out when I can, and creating posts just like this one, touting the latest and greatest education materials. 2017 is going to be a great year for Mimecast customers as education efforts are increasing around the globe. Mimecast is serious about Legendary Customer Success and positioning ourselves to be the most trusted and reliable vendor in the cloud.


If you have any ideas, questions, or just want to say hi – please follow my profile, or drop a comment below. I am passionate about learning and teaching, and hope to pass some of my enthusiasm on to you!


In this video, I’ll show you how to get started with Track and Trace (and stay tuned for future posts in this series):



Check out Mike's next Mimecast 101 video post in the series: Mimecast 101: Troubleshooting Authentication Issues [Video]