Research By: Netanel Ben-Simon and Sagi Tzadik

Introduction

Microsoft Office is a very commonly used software that can be found on almost any standard computer. It is also integrated inside many products of the Microsoft / Windows ecosystem such as Office itself, Outlook and Office Online. In this blog, we describe our attempts to fuzz a specific component in Microsoft Office and how the results affect this whole ecosystem. We also evaluate the pros and cons of the different fuzzing solutions we experimented with in the course of our research.

We chose the MSGraph COM component (MSGraph.Chart.8, GRAPH.EXE) as our fuzzing target, as it is quite an old piece of code that has existed since at least the days of Office 2003 or earlier. To our knowledge, this component has not received too much attention from the security community until now, making it a fertile ground for bugs. MSGraph is a component that can be embedded inside many Microsoft Office products (such as Word, Outlook, PowerPoint, etc.), and is used to display graphs and charts. In terms of attack surface, MSGraph is quite similar to Microsoft Equation Editor 3.0. However, unlike Microsoft Equation Editor, MSGraph is still updated in every Office patch and receives the latest mitigations (such as ASLR and DEP), which makes successful exploitation harder.

Figure 1: MSGraph editor embedded in a Microsoft Excel document.

We later found that this attack surface also applies to other Microsoft Office products, including Excel and Office Online, that share the same code.

Microsoft Office is not an easy target to fuzz. MSGraph is a symbol-less piece of software that utilizes the Windows COM model in some parts of its code.