5MS Office Office Office Office Office Office excel word powerpoint OLE2 Office Office Office Fuzz Windows Office 6 excel powerpoint Fuzz 7 RESEARCHES ON TECHNIQUES OF EXPLOITING AND APPLYING MS OFFICE VULNERABILITIES ABSTRACT As Microsoft Office documents are widely used in desktop systems, the security of these applications is widely concerned and considered by security keepers and also attackers home and abroad. Attacks range from primitive micro viruses to present vulnerability exploiting against document form analysis. Foreign security corporations, organizations and independent attackers lay their emphases of vulnerability researches on Microsoft Office applications. Recently Office vulnerabilities are often exposed for they are exploited and used too frequently. So Microsoft Corporation now makes a faster reaction in announcing Office security announcement and publishing patches against the increasing vulnerabilities. OLE2-based compound document structure is used in excel word powerpoint of MS Office applications. Multiple data forms are allowed in this structure. As a result the security of Office documents is mainly threatened in the following three aspects: micro-based attacks, leak of private and hidden information, and applications vulnerability-based attacks. This thesis is focused on the techniques of exploiting and using MS Office applications vulnerabilities. Vulnerability researches consist of vulnerability exploiting and vulnerability analysis. Vulnerability exploiting is to find potential unknown vulnerabilities of software by various techniques and tools. Vulnerability analysis is to analyze further the known vulnerability to figure out their causes with the aim to offer technical support for exploiting or saving them. This thesis is arranged to explain the basis principles of traditional vulnerability technique researches and their limitations. A new technique of exploiting vulnerability, based on document analysis, and its design resolutions for engineering 8 accomplishment is discussed for a certain Office application. It is a combination of Fuzz test and binary code analysis is introduced and can substantially improve the real applying value of vulnerability exploiting technique. Our solutions for vulnerability exploiting is first to test file-creating modules analysis for the form of document inputted in the template document, find sensitive data in the document, modify document data according to designed modifying mode and create test document. And then dynamically supervise the debugging interfaces used by the module and start Office process. On one hand, supervise and record running of the code in question in the running process of the program, and on the other hand record and handle the exceptional information of the program. Finally, manually test and analyze the created exceptional document to find out the cause of the vulnerability with the aim to find the vulnerability can be used to