Black Hat Talk Demonstrates New Document Exploits - Slashdot

Slashdot is powered by your submissions, so send in your scoop

×

Black Hat Talk Demonstrates New Document Exploits 60

Posted by timothy on Saturday August 06, 2011 @03:38PM from the send-you-this-file-in-order-to-have-your-advice dept.

darthcamaro writes "Remember the days of the viruses embedded in email attachments? They're coming back, according to a pair of researcher talking at Black Hat this week: '"If you have installed all Microsoft Office patches and there are no 0 day vulnerabilities, will it be safe to open a Word or Excel document?" TT asked the audience. "The answer is no."'"

This discussion has been archived. No new comments can be posted.

Black Hat Talk Demonstrates New Document Exploits

Search 60 Comments Log In/Create an Account

Comments Filter:

Re:In other news... (Score:4, Interesting)

by networkzombie ( 921324 ) writes: on Saturday August 06, 2011 @04:27PM (#37009926)

Your argument restricting executable code covers a variety of technologies from OLE to html email. The same reason these technologies suck is also why they are so popular. On one hand you can embed stuff and do more! On the other hand they can embed stuff and do more.

Parent Share
twitter facebook
Re:In other news... (Score:5, Interesting)

by SuricouRaven ( 1897204 ) writes: on Saturday August 06, 2011 @04:40PM (#37009972)

A lot of the time that executable code is to do shinystuff, like embed fancy animated charts in documents. One of the worst cases of all is in Windows Media, which will happily run scripts (Exploitable scripts) in media files without prompting or informing the user - and will do this based on magic bytes to identify filetype rather than extension. This lead to the proliferation of fake-mp3 malware on p2p networks. The purpose of the scripts is to allow for updating of the DRM technology and to allow for unauthorised media files to automatically direct the player to a website to purchase a licence.

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

390 comments32-Hour Workweek for America Proposed by Senator Bernie Sanders
358 commentsWhat Should Happen to Empty Downtown Office Spaces?
340 commentsHacktivism Erupts In Response To Hamas-Israel War
324 comments'Feedback' Is Now Too Harsh. The New Word is 'Feedforward'
248 commentsWorkers are Resisting Calls to Return to Offices

A morsel of genuine history is a thing so rare as to be always valuable. -- Thomas Jefferson