Office file specs released – new vulnerabilities to come?

As Microsoft released the Office file specs for the upcoming Office 2007, I can’t stop from thinking that even though these are specs for Office 2007 files, they must have similarities and are at least partly backward compatible with Office 200x.

This means they can be used by vulnerability researchers (good and bad) to more easily discover new vulnerabilities in Office as with the spec laid out, complete and systematic searching can be done.

Time will tell – lets start counting how many Office related vulnerabilities are released over the next few months – and see if we can find a correlation.

Share