
4 issues in Microsoft Office component allow weaponizing docs


Experts found four security flaws in the Microsoft Office suite that could allow attackers to weaponize Word and Excel docs.

Experts from Check Point discovered four security vulnerabilities in the Microsoft Office suite that an attacker could exploit to craft weaponized Word and Excel documents.

Below is the list of flaws discovered by the experts:

The CVE-2021-31174, CVE-2021-31178, CVE-2021-31179 vulnerabilities have been addressed by Microsoft as part of its Patch Tuesday update for May 2021, while the CVE-2021-31939 flaw is expected to be fixed in June.

The experts used fuzzing techniques to test the MSGraph COM component (MSGraph.Chart.8, GRAPH.EXE), a component that has been included in the suite since Office 2003 or earlier.

MSGraph can be embedded in many products of the Microsoft Office suite, including Word, Outlook, and PowerPoint, to display graphs and charts. Experts pointed out that flaws in the

“In terms of attack surface, MSGraph is quite similar to Microsoft Equation Editor 3.0. However, unlike Microsoft Equation Editor, MSGraph is still updated in every Office patch and receives the latest mitigations (such as ASLR and DEP), which makes successful exploitation harder.” reads the post published by Check Point. “We later found that this attack surface also applies to other Microsoft Office products, including Excel and Office Online, that share the same code.”

Experts also discovered that the vulnerable function is commonly used across multiple different MS Office products, such as Excel (EXCEL.EXE), Office Online Server (EXCELCNV.EXE) and Excel for OSX. The researchers were able to successfully reproduce some of the flaws in these products.
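For defenders who want to know where MSGraph objects actually appear in their document estate, the following added example (not code from Check Point or from this article) inventories the OLE ProgIDs declared inside an OOXML package and flags `MSGraph.Chart.8`. It assumes the embedded object is declared through a `ProgID`/`progId` attribute in one of the package's XML parts; the sample package and the `build_sample` helper are constructed for illustration.

```python
import io
import re
import zipfile

# ProgID named in the article; attribute casing differs between Word
# (ProgID) and PowerPoint/Excel (progId), so match case-insensitively.
TARGET_PROGID = "MSGraph.Chart.8"
PROGID_ATTR = re.compile(rb'progid\s*=\s*"([^"]+)"', re.IGNORECASE)


def find_ole_progids(data: bytes) -> dict[str, list[str]]:
    """Map each XML part of an OOXML package to the OLE ProgIDs it declares."""
    hits: dict[str, list[str]] = {}
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as pkg:
            for name in pkg.namelist():
                if not name.endswith(".xml"):
                    continue
                ids = [m.decode("utf-8", "replace")
                       for m in PROGID_ATTR.findall(pkg.read(name))]
                if ids:
                    hits[name] = ids
    except zipfile.BadZipFile:
        # Legacy binary .doc/.xls files are OLE2 containers, not ZIPs;
        # they need a compound-file parser and are out of scope here.
        return {}
    return hits


def embeds_msgraph(data: bytes) -> bool:
    """True if any part declares an embedded MSGraph chart object."""
    return any(p.lower() == TARGET_PROGID.lower()
               for ids in find_ole_progids(data).values() for p in ids)


def build_sample(progid: str) -> bytes:
    """Constructed minimal package: one part with one OLEObject element."""
    xml = ('<w:document><w:body><w:object>'
           f'<o:OLEObject Type="Embed" ProgID="{progid}" r:id="rId5"/>'
           '</w:object></w:body></w:document>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("word/document.xml", xml)
    return buf.getvalue()


if __name__ == "__main__":
    for pid in ("MSGraph.Chart.8", "Excel.Sheet.12"):
        print(pid, embeds_msgraph(build_sample(pid)))
```

A hit only means the document embeds an MSGraph object, which is also what legitimate charts do; it is a triage signal for prioritising patching and review, not evidence of a malicious file.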

“Even though we researched a single component of Microsoft Office, we managed to find several vulnerabilities that affect multiple products in this ecosystem. The results of this research were a set of files that could be embedded in different ways to potentially exploit different Office products across multiple platforms.” concludes the report. “As a bonus, we also had the opportunity to experiment with multiple different fuzzing solutions. We hope you find our notes useful.”

Below is the disclosure timeline for these vulnerabilities:

  • 28 Feb 2021 – Initial report to Microsoft.
  • 11 May 2021 – Microsoft fixes CVE-2021-31174, CVE-2021-31178, CVE-2021-31179 (Patch Tuesday)
  • 08 Jun 2021 – Microsoft fixes CVE-2021-31939 (Patch Tuesday)
  • 08 Jun 2021 – Blog release


Pierluigi Paganini

(SecurityAffairs – hacking, MS Office)
