Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » detection   (RSS)
Monday, September 14, 2009 10:00 AM

OffVis updated, Office file format training video created

In July, we released a beta Office file format viewer application called OffVis as a downloadable tool. We are pleased today to announce an updated version of OffVis and a 30 minute training video to help you understand the legacy Office binary file format.
Posted by swiblog | (Comments Off)
Tuesday, September 01, 2009 5:59 PM

New vulnerability in IIS5 and IIS6

This afternoon, the MSRC posted a security advisory describing a newly-disclosed vulnerability in the IIS FTP service that could potentially grant remote code execution to untrusted users. You can find the advisory here . Vulnerability summary The vulnerability
Posted by swiblog | (Comments Off)
Friday, July 31, 2009 2:34 PM

Announcing OffVis 1.0 Beta

We’ve gotten questions from security researchers and malware protection vendors about the binary file format used by Microsoft Word, PowerPoint, and Excel. The format specification is open and we have spoken at several conferences ( 1 , 2 , 3 ) about
Posted by swiblog | (Comments Off)
Tuesday, August 12, 2008 11:32 AM

MS08-043 : How to prevent this information disclosure vulnerability

In this month’s update for Excel we addressed an interesting CVE (CVE-2008-3003) – the first vulnerability to affect the new Open XML file format (but it doesn’t result in code execution). This is an information disclosure vulnerability that can arise
Posted by swiblog | (Comments Off)
Tuesday, August 12, 2008 11:31 AM

MS08-042 : Understanding and detecting a specific Word vulnerability

A few weeks ago we posted a blog entry titled " How to parse the .doc file format ". Today's blog post will show you how to use that information to check whether a .doc file is specially crafted to exploit MS08-042, one of the vulnerabilities addressed
Posted by swiblog | (Comments Off)
Attachment(s): CVE-2008-2244.bt
Friday, July 18, 2008 2:04 PM

How to parse the .doc file format

This past February, Microsoft publicly released the Office binary file formats specification . These describe how to parse Word, Excel, and PowerPoint files to review or extract the content. Because they describe the structure of these file formats in
Posted by swiblog | (Comments Off)
 
Page view tracker