![]() ![]() These specific XLAM documents are signed by Microsoft. ![]() An attacker can embed malicious code without invalidating the signature for use in phishing scenarios. We will update this post with a reference to part 2 once it is ready.Īn MS Office installation comes with signed Microsoft Analysis ToolPak Excel add-ins (.XLAM file type) which are vulnerable to multiple code injections. Our analysis of Microsoft’s mitigations applied by CVE-2021-28449.Practical offensive MS Office tradecraft which is useful for weaponizing signed add-ins which contain vulnerabilities, such as transposing third party signed macros to other documents.The Microsoft Analysis ToolPak Excel and vulnerabilities in XLAM add-ins which are distributed as part of this.In this blog post (part 1), we will discuss the following: However, we will uncover a largely unexplored attack surface of MS Office for further offensive research and will demonstrate practical tradecraft for exploitation. This patch means that the methods described in this post are no longer applicable to an up-to-date and securely configured MS Office install. ![]() These weaknesses have been addressed by Microsoft in the following patch: CVE-2021- 28449. This blog post is part of series of two posts that describe weaknesses in Microsoft Excel that could be leveraged to create malicious phishing documents signed by Microsoft that load arbitrary code. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |