Security-X

Forum Security-X => News => Discussion démarrée par: igor51 le février 21, 2018, 16:00:22

Titre: [SecList]Disappearing bytes: Reverse engineering the MS Office RTF parser
Posté par: igor51 le février 21, 2018, 16:00:22
Disappearing bytes: Reverse engineering the MS Office RTF parser

In 2017, we encountered lots of samples that were ‘exploiting’ the implementation of Microsoft Word’s RTF parser to confuse all other third-party RTF parsers, including those used in anti-malware software.
Source: Disappearing bytes: Reverse engineering the MS Office RTF parser (https://securelist.com/disappearing-bytes/84017/)