How to Prevent Arbitrary File Disclosure Vulnerability in OpenOffice and LibreOffice
January 17, 2018 by Vinh Lam
In early December 2017, OPSWAT announced that OpenDocument Text files are supported in MetaDefender for data sanitization (CDR). Data sanitization, or Content Disarm and Reconstruction (CDR), removes potentially malicious embedded...
Metadefender Now Supports Content Disarm and Reconstruction for OpenDocument Text
December 07, 2017 by Vinh Lam
Instead of purchasing the widely used Microsoft Office suite, many users opt to use the free alternatives LibreOffice or Apache OpenOffice. However, these open-source software products contain many vulnerabilities that attackers can...
How We Blocked a Word DDE Attack from APT28
November 16, 2017
By the OPSWAT Data Sanitization Team
Last week, the APT28 threat group (also known as "Fancy Bear") was discovered to be using the Dynamic Data Exchange (DDE) attack method that we described in our recent blog post, "Data Sanitization...
Data Sanitization Prevents Macro-Less MS Word Attacks
November 08, 2017
By the OPSWAT Data Sanitization Team
Malicious Word Documents Without Macros
Attackers have used macros in Microsoft Word documents for malware delivery for a long time, starting in the mid-to-late 1990s. To combat this, Microsoft added...
An In-Depth Look at XML Document Attack Vectors
August 14, 2017 by Taeil Goh
In June, we published a short announcement about the beta release of XML document data sanitization (CDR) in which we briefly mentioned the importance of it:
"The flexibility of XML has resulted in its widespread usage, including within...
'Hacking with Pictures': Stegosploit and How to Stop It
August 02, 2017
For cyber criminals, image malware is the ideal way to launch a surprise attack. The vast majority of users do not expect a simple image file to be remotely risky. This makes attacks like "Stegosploit" particularly dangerous to both...
Metadefender Now Supports Data Sanitization for XML Documents
June 08, 2017 by Taeil Goh
The flexibility of XML has resulted in its widespread usage, including within Microsoft Office documents and SOAP messages. However, XML documents have many security vulnerabilities that can be targeted for different types of attacks,...
