OpenOffice / OpenDocument and MS Office 2007 / Open XML security

Article and presentation about security issues in OpenDocument and Open XML formats (OpenOffice and MS Office 2007) - published in the Journal of Computer Virology in Oct 2007 and presented at the PacSec 2006 conference.

Abstract:

OpenDocument and Open XML are both new document file formats. OpenDocument is the new ISO standard document format, promoted by OpenOffice.org and Sun StarOffice, while Open XML is the new format for Microsoft Office 2007 documents, proposed for an ECMA standard. These 2 formats share the same basic principles: XML files within a ZIP archive, with an open schema, in contrast to good-old proprietary formats. However these documents suffer from many security issues, similar to previous Office ones: malicious people can still embed and hide malware (trojan horses and virus) thanks to macros, scripts, OLE objects and so on, along with XML and ZIP obfuscation features... This paper shows all the security issues with technical details, and describe how to design a filter to get rid of unwanted bits in a safe way.

Presentation:

This work was first presented at the PacSec conference in November 2006 (http://pacsec.jp/psj06archive.html). See attached PDF file below for the last version of the slides (December 2006).

An improved version was presented at the SSTIC conference in June 2007 in French (http://actes.sstic.org/SSTIC07/Securite_OpenDocument_OpenXML).

Article:

See attached PDF file for the final version of the article which has been published in the Journal in Computer Virology in October 2007. The original publication is available at www.springerlink.com (http://dx.doi.org/10.1007/s11416-007-0060-2).

AttachmentSize
JCV07_Lagadec_OpenDocument_OpenXML_v4_decalage.pdf415.42 KB
PacSec06_Lagadec_OpenDocument_OpenXML.pdf595.35 KB