A great blog post from Outflank, and a must-read for CISOs and technical blue teams! The post outlines common controls and strategies deployed to mitigate Microsoft Office macro security issues. They also introduce LOLdocs from a recent Brucon talk, detailing how vulnerabilities in signed #microsoft Office content might be abused to bypass even strictly configured MS Office installs. Awesome.
Click to Open Code Editor