Over recent years, macro-based document attacks have gained popularity due to their simplicity in bypassing user defenses, prompting security vendors to develop countermeasures. A newly identified technique, Dynamic Data Exchange (DDE), has emerged as a significant threat, offering attackers a way to execute commands through document fields without traditional macros, by exploiting a legacy feature in Microsoft Office. Despite its potential for misuse, Microsoft has labeled DDE as a feature rather than a bug, opting not to address it in current releases. The DDE mechanism, dating back to 1987, facilitates communication between applications, which has been exploited by attackers to run arbitrary commands by convincing users to click through non-security-related pop-ups. While Microsoft's stance is conservative, security experts emphasize the need for a more robust detection strategy that not only targets specific vulnerabilities like DDEAUTO but also addresses the broader class of macro-less document attacks. The analysis suggests improvements, such as adhering to DDE guidelines and enhancing user prompts with security-oriented wording, could mitigate risks while maintaining usability.