Changes to Microsoft Office with Microsoft Security Updates (iManage and DDE)
Something that came across my desk this morning that is interesting and to some degree something that we all need to watch out for.  It is not specific to iManage.


Also online at
Microsoft has finally admitted what was obvious to everyone else, that the DDE part of Office is dangerous and should be disabled.
The latest patches have finally provided a way to disable the DDE feature in Office, either completely or in part.  Something that’s looooong overdue.
We all know that the older releases of iManage use DDE (pre Work 10) within the application to open, save and print documents.  This change will affect office 2016, 2013, 2010 and 2007.  This was delivered via the December 2017 security updates for Office.

Please note: I have NOT at this stage heard of any issues however it may be helpful to know about this change in the event that we see some odd behaviour manifest within Microsoft Office. 

How could this affect iManage?

Here is a typical application configuration screen shot, what you will notice here is that “DDE” is selected as an integration component within the configuration.  This integration is likely to be where we will see the odd behaviour occur (if at all).iManage DDE Configuration

Here is a link to an article in the iManage support making reference to disabling DDE and the impact it may have.

And below I have included the relevant piece from the technote that identifies what the DDE component provides.

DDE enables the following functionality within the WorkSite integration:
1.       Ability to pass document meta-data from FileSite/DeskSite to the receiving application. For example, display of the document Description in the Word title bar.

2.       Ability to check if the receiving application is already open. This allows us to use the existing instance of Word\Excel to open the document rather than spawning a new instance of the application for each document.

3.       Handling of the WorkSite print from the document grid. For example, DDE is used to close Word\Excel following a print from the Worklist.

Disabling DDE does not have an impact on WorkSite functionality beyond what is listed above. For example, after disabling DDE the title bar will display the local file name (as seen in the NRPortbl directory) – the application will no longer display the document name and number – consistent with native Microsoft Office behavior.

No core functionality is impacted. If the features noted are not required by your users, DDE can be safely disabled.


If you wish to restore DDE the following will apply:


For the vast majority, DDE is not needed and the new default won’t make any difference to the way you use Office.

If you need DDE for some purpose, go into the Registry to enable it fully or, better, use the new ‘middle path’ which stops new programs starting.


Replace <version> with the internal version for Office:
Office 2016=16.0  Office 2013=15.0  Office 2010=14.0 Office 2007=12.0

Create or use the key  AllowDDE   a DWORD value:

0: Disables DDE  The new default setting after you install the Dec. 2017 update.  Leave DDE disabled unless you have a specific reason for letting it work.
1: Allows DDE requests but only to an already running program.  DDE can’t launch another executable program.
2: Fully allow DDE requests, NOT recommended unless you’re really sure.

Please note information that is in this email relating to the DDE change and the Microsoft Security update comes directly from the following source:
If you require more information please go to the link above or contact us directly.

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyrights ©2019 ACP Solutions - All rights reserved