Security researchers at Cisco’s Talos threat research group have discovered one such attack campaign spreading malware-equipped Microsoft Word documents that perform code execution on the targeted device without requiring Macros enabled or memory corruption. The technique leverages a built-in feature of MS Office, called Dynamic Data Exchange (DDE) that allows two running applications to share the same data. Microsoft doesn’t consider this as a security issue, rather according to the company the DDE protocol is a feature that can not be removed but could be improved with better warning alerts.
Source: https://thehackernews.com/2017/10/ms-office-dde-malware.html