all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

These Microsoft Office security signatures are 'practically worthless'

Add to bookmarks
June 13, 2023, 10:26 a.m. | Thomas Claburn

The Register - Security www.theregister.com

Turns out it's easy to forge documents relying on OOXML

Office Open XML (OOXML) Signatures, an Ecma/ISO standard used in Microsoft Office applications and open source OnlyOffice, have several security flaws and can be easily spoofed.…

applications documents flaws forge iso microsoft microsoft office office ooxml open source security security flaws signatures spoofed standard xml

Visit resource

More from www.theregister.com / The Register - Security

Open source programming language R patches gnarly arbitrary code exec flaw 7 hours ago | www.theregister.com
ace arbitrary code arbitrary code execution code +10
Cyber-bastard jailed for stealing psychotherapy files, blackmailing patients 8 hours ago | www.theregister.com
crime cyber files nation +9
UnitedHealth CEO: 'Decision to pay ransom was mine' 12 hours ago | www.theregister.com
access authentication ceo change +25
NSA employee who tried and failed to spy for Russia gets 262 months in the … 15 hours ago | www.theregister.com
docs employee low nsa +8
European Commission starts formal probe of Meta over election misinformation 19 hours ago | www.theregister.com
action distribution election elections +14
Apple's 'incredibly private' Safari is not so private in Europe 1 day ago | www.theregister.com
antitrust app apple app stores +18
AT&T, Verizon, Sprint, T-Mobile US fined $200M for selling off people's location info 1 day, 8 hours ago | www.theregister.com
amp brokers carriers claim +16
Google blocked 2.3M apps from Play Store last year for breaking the G law 1 day, 9 hours ago | www.theregister.com
accounts android android apps apps +12
London Drugs closes all of its pharmacies following 'cybersecurity incident' 1 day, 13 hours ago | www.theregister.com
canadian cybersecurity cybersecurity incident drugs +5

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network Security Engineer – Zscaler SME

@ Peraton | United States
View on infosec-jobs.com

Splunk Data Analytic Subject Matter Expert

@ Peraton | Woodlawn, MD, United States
View on infosec-jobs.com

Principal Consultant, Offensive Security, Proactive Services (Unit 42)- Remote

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

Senior Engineer Software Product Security

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com

Information System Security Engineer (Red Team)

@ Evolution | Riga, Latvia
View on infosec-jobs.com
View more jobs