Security News > 2023 > June > These Microsoft Office security signatures are 'practically worthless'
Office Open XML Signatures, an Ecma/ISO standard used in Microsoft Office applications and open source OnlyOffice, have several security flaws and can be easily spoofed.
Microsoft refers to the format simply as Open XML. The boffins say they found discrepancies in the structure of office documents and the way signatures get verified.
As a result they were able to identify five ways to attack vulnerable documents to alter their contents and forge signatures.
With Microsoft Office for macOS, document signatures simply weren't validated at all.
Xml to an OOXML package - which consists of multiple zipped files - and the Office for Mac would show a security banner proclaiming that the document was protected by a signature.
"This has been fixed in the final ODF version 1.2. In our research, we also found problems with signed ODF versions, but these were more likely caused by basic problems with XML signatures or implementation flaws on the part of the vendors. In general, we should always avoid partial signatures in documents. Since this leads to insecure implementations, related to the signature." .
News URL
https://go.theregister.com/feed/www.theregister.com/2023/06/13/office_open_xml_signatures/
Related news
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)
- Security? We've heard of it: How Microsoft plans to better defend Windows (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Microsoft 365 outage takes down Office web apps, admin center (source)