detection

MS08-043 : How to prevent this information disclosure vulnerability

In this month’s update for Excel we addressed an interesting CVE (CVE-2008-3003) – the first vulnerability to affect the new Open XML file format (but it doesn’t result in code execution). This is an information disclosure vulnerability that can arise when a user makes a data connection from Excel to a remote data source and …

MS08-043 : How to prevent this information disclosure vulnerability Read More »

MS08-042 : Understanding and detecting a specific Word vulnerability

A few weeks ago we posted a blog entry titled “How to parse the .doc file format“. Today’s blog post will show you how to use that information to check whether a .doc file is specially crafted to exploit MS08-042, one of the vulnerabilities addressed by today’s security updates. This particular vulnerability is being exploited …

MS08-042 : Understanding and detecting a specific Word vulnerability Read More »

How to parse the .doc file format

This past February, Microsoft publicly released the Office binary file formats specification.  These describe how to parse Word, Excel, and PowerPoint files to review or extract the content.  Because they describe the structure of these file formats in detail, we think the file format specification will be particularly interesting to ISVs who write detection logic for malware scanners …

How to parse the .doc file format Read More »