{"id":25225,"date":"2019-02-13T19:39:00","date_gmt":"2019-02-13T19:39:00","guid":{"rendered":"https:\/\/www.darkreading.com\/endpoint\/researchers-dig-into-microsoft-office-functionality-flaws\/d\/d-id\/1333870"},"modified":"2019-02-13T19:39:00","modified_gmt":"2019-02-13T19:39:00","slug":"researchers-dig-into-microsoft-office-functionality-flaws","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/","title":{"rendered":"Researchers Dig into Microsoft Office Functionality Flaws"},"content":{"rendered":"<header>\n<\/header>\n<p><span class=\"strong black\">An ongoing study investigating security bugs in Microsoft Office has so far led to two security patches.<\/span> <\/p>\n<p class=\"\">Microsoft Office, ubiquitous on enterprise and personal computers, is a hot target for cybercriminals and a key focus area for researchers hoping to find bugs before the bad guys do.<\/p>\n<p>Stan Hegt and Pieter Ceelen, both security researchers and red teamers with security firm Outflank B.V., have been exploring a range of attack techniques that abuse Microsoft Office features. Their previous research, shown at <a href=\"https:\/\/outflank.nl\/blog\/2018\/10\/28\/recordings-of-our-derbycon-and-brucon-presentations\/\" target=\"_blank\">DerbyCon<\/a> 2018, demonstrated how abusing legacy functionality (a macro language that predates VBA, for example) bypasses security controls.<\/p>\n<p>Outflank B.V. is a small, specialized security firm focused on red teaming, Hegt explained in an interview with Dark Reading. During most engagements, they attempt to remotely compromise workstations. Remote entry is among the toughest attacker methods, says Hegt. &#8220;It forces us to innovate, but we don&#8217;t see that much innovation in this respect, in the wild.&#8221;<\/p>\n<p>Early findings prompted them to analyze flaws within the functionalities embedded into the Office suite. And since DerbyCon, the duo has continued to research Office and uncover new security holes.<\/p>\n<p>&#8220;To dive into Microsoft Office, there&#8217;s so much to go into,&#8221; says Hegt. &#8220;When we dove in with the purpose of DerbyCon, we noticed there were many points to go left or right with additional research. Every path led to more cool stuff we could present to the world.&#8221;<\/p>\n<p>As part of their ongoing research, Hegt and Ceelen found &#8220;at least two things that were not according to spec&#8221; &#8211; and resulted in two vulnerabilities being recently patched by Microsoft. One CVE uses the old feature of fields in Microsoft Word, in combination with macro buttons (no VBA required) to steal the contents of any file on disk. Another CVE uses fields in combination with templates and headers to build phishing documents without the use of macros.<\/p>\n<p>&#8220;There are plenty of new defenses being built into Microsoft Office, but there are so many archaic features,&#8221; Heft continues. &#8220;Many times, those archaic features can be exploited to evade or abuse modern defenses.&#8221;<\/p>\n<p>Both bugs the team discovered can be exploited to steal information; one steals files, the other goes after credentials. Further, they say, both combine legacy features in ways that likely weren&#8217;t foreseen. The researchers note their analysis shows that the kind of Office malware currently seen in the wild is &#8220;just the tip of the iceberg&#8221; of what&#8217;s possible in Office threats.<\/p>\n<p>At Black Hat Asia, coming up March 26-29 in Singapore, Hegt and Ceelen will take the stage to present their talk &#8220;<a href=\"https:\/\/www.blackhat.com\/asia-19\/briefings\/schedule\/index.html#office-in-wonderland-13709\" target=\"_blank\">Office in Wonderland<\/a>,&#8221; in which they will disclose details on new Word and Excel vulnerabilities, release attack vectors which Microsoft deemed Office features, and demonstrate the security impact of the architectural design of the full Office suite.<\/p>\n<p><strong>Getting Bugged Down<\/strong><\/p>\n<p>As part of its January Patch Tuesday <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/remote-code-execution-bugs-are-primary-focus-of-january-patch-tuesday\/d\/d-id\/1333612\" target=\"_blank\">release<\/a>, Microsoft issued <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-0561\" target=\"_blank\">CVE-2019-0561<\/a>, a Microsoft Word information disclosure vulnerability discovered as part of Hegt and Ceelen&#8217;s research. The flaw exists when Word macro buttons are improperly used, and a successful attacker could target the vulnerability to read arbitrary files from a targeted system, according to Microsoft.<\/p>\n<p>To exploit CVE-2019-0561, an attacker would have to create a malicious file and convince the user to open it. They would have to know the location of the file whose data they want to steal. Microsoft&#8217;s patch for CVE-2019-0561 addresses the vulnerability by changing the way some Word functions handle security warnings.<\/p>\n<p>Microsoft&#8217;s February Patch Tuesday <a href=\"https:\/\/www.darkreading.com\/endpoint\/microsoft-adobe-both-close-more-than-70-security-issues\/d\/d-id\/1333858\" target=\"_blank\">release yesterday<\/a>\u00a0included <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/CVE-2019-0540\" target=\"_blank\">CVE-2019-0540<\/a>, addressing another bug discovered by Hegt and Ceelen. This is a Microsoft Office security feature bypass flaw that exists when Office doesn&#8217;t validate URLs. Attackers can send victims specially crafted files to trick them into entering credentials and perform a phishing attack.<\/p>\n<p>&#8220;A lot of organizations rely on username and password combinations,&#8221; says Ceelen. &#8220;As an attacker it&#8217;s very much in interest to go collect usernames and passwords.&#8221; This bug lets attackers send plain docs without any macros, and it will alert the target with a pop-up to enter their credentials. &#8220;We slowly see bad guys abusing these techniques,&#8221; he continues.<\/p>\n<p>The patch addresses the vulnerability by ensuring Office properly validates URLs. While Ceelen points to an attacker focus on Word and Excel, given they have the longest history, he notes Microsoft has upped its patching game. &#8220;We see them making steps in all directions,&#8221; Ceelen says.<\/p>\n<p>Both CVE-2019-0561 and CVE-2019-0540 were classified as Important in severity by Microsoft. Neither was publicly known or exploited in the wild prior to the release of their patches.<\/p>\n<p><strong>Related Content:<\/strong><\/p>\n<div readability=\"7.3636363636364\">\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png\" alt=\"\" width=\"360\" height=\"48\"\/><\/p>\n<p><strong>Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry&#8217;s most knowledgeable IT security experts. Check out the <a href=\"https:\/\/www.interop.com\/darkreading\/?_mc=hsad_x_drr_le_tsnr_intplv_x_x-drvplug\" target=\"_blank\">Interop agenda<\/a> here.<\/strong><\/p>\n<\/div>\n<p><span class=\"italic\">Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance &amp; Technology, where she covered financial &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=837\">View Full Bio<\/a><\/span> <\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p> Read More <a href=\"https:\/\/www.darkreading.com\/endpoint\/researchers-dig-into-microsoft-office-functionality-flaws\/d\/d-id\/1333870?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>An ongoing study investigating security bugs in Microsoft Office has so far led to two security patches. Read More <a href=\"https:\/\/www.darkreading.com\/endpoint\/researchers-dig-into-microsoft-office-functionality-flaws\/d\/d-id\/1333870?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-25225","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Researchers Dig into Microsoft Office Functionality Flaws 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Researchers Dig into Microsoft Office Functionality Flaws 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-02-13T19:39:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Researchers Dig into Microsoft Office Functionality Flaws\",\"datePublished\":\"2019-02-13T19:39:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/\"},\"wordCount\":858,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/\",\"name\":\"Researchers Dig into Microsoft Office Functionality Flaws 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\",\"datePublished\":\"2019-02-13T19:39:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/#primaryimage\",\"url\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\",\"contentUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/researchers-dig-into-microsoft-office-functionality-flaws\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Researchers Dig into Microsoft Office Functionality Flaws\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Researchers Dig into Microsoft Office Functionality Flaws 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/","og_locale":"en_US","og_type":"article","og_title":"Researchers Dig into Microsoft Office Functionality Flaws 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-02-13T19:39:00+00:00","og_image":[{"url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Researchers Dig into Microsoft Office Functionality Flaws","datePublished":"2019-02-13T19:39:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/"},"wordCount":858,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/","url":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/","name":"Researchers Dig into Microsoft Office Functionality Flaws 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","datePublished":"2019-02-13T19:39:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/#primaryimage","url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","contentUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/researchers-dig-into-microsoft-office-functionality-flaws\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Researchers Dig into Microsoft Office Functionality Flaws"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/25225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=25225"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/25225\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=25225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=25225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=25225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}