so.cl

Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer


VSTO office files are the new macro nightmare?

Visual Studio Tools for Office (VSTO) has the capability to export an Add-In which is embedded inside an Office document file (such as a Word DOCX). If this document is delivered in the right way (to avoid some inbuilt mitigations) it provides rich capabilities for attackers to phish users and gain code execution on a remote machine through the installation of a word Add-In.

Office itself even provides an automatic update capability, which can be used by attackers to update payloads remotely. Make phishing great again. VSTO office files are the new macro nightmare?

April 19, 2022
#phishing