Check Point researchers discovered multiple security flaws while fuzzing MSGraph, a Microsoft office component.
Microsoft Office is a software that is available on almost every computer, and is integrated into the Microsoft and Windows ecosystems such as Outlook and Office Online. Checkpoint researchers discovered multiple security vulnerabilities affecting the security of the entire ecosystem when fuzzing the office component MSGraph COM.
MSGraph COM component
MSGraph COM component (MSGraph.Chart.8, GRAPH.EXE) is a very old office component that has existed since Office 2003. This component is embedded in Microsoft office products to Display charts. But the component did not get the attention of security personnel.
From a supply perspective, MSGraph is very similar to Microsoft Equation Editor 3.0. But unlike Equation Editor, MSGraph is updated with every office patch and receives the latest patch, which makes successful exploitation very difficult.
Figure 1: MSGraph editor embedded in an Excel document
security breach
Researchers fuzzed MSGraph and found four of the security vulnerabilities, namely:
CVE-2021-31179 – Memory corruption
· CVE-2021-31174 – OOBR
· CVE-2021-31178 – Integer overflow
· CVE-2021-31939 – UAF
code similarity
After researchers found a vulnerable function in MSGraph, the researchers found that the vulnerable function was widely used in office products through code similarity check, such as Excel (EXCEL.EXE), office online server (EXCELCNV.EXE) and Excel OSX version. The researchers reproduced these vulnerabilities in these products.
As shown in the figure below, the exploit will cause a crash.
Figure 2: CVE-2021-31174 vulnerability OfficeOnline recurrence
Figure 3: CVE-2021-31174 vulnerability Excel reproduction
Figure 4: CVE-2021-31174 vulnerability MSGraph reproduction
Summarize
Although the researchers only tested one Office component, they found multiple security vulnerabilities affecting the Office product ecosystem. The findings suggest that files can be embedded in different ways to exploit vulnerabilities in different Office products on different platforms.
The Links: ESM4016 PN100RL1B060
Written By
“Current control is the key to improving the performance of the motor. How to accurately measure the strength of the current requires an accurate current sensor. The current sensor using TMR technology will be one of the ideal choices for related applications. This article will introduce you the characteristics of TMR technology, the types of current sensors, and the product characteristics ...
I believe that the fruit fans who have continued to pay attention to Mingmei Infinite should all know that the iPhone 12 launched by Apple last year has been enthusiastically sought after by consumers around the world, and sales are also rising. According to the la...
Due to the trade dispute between Japan and South Korea, the Japanese government decided in early July to ban the export of three important semiconductor and Display Panel materials to South Korea, forcing South Korean companies to embark on a path of independence. ...
With the increasing pressure on environmental protection, hydrogen energy has high hopes as a clean, efficient and safe secondary energy. Especially in the past two years, both national and local governments have frequently mentioned “hydrogen energy” i...