Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures
https://www.usenix.org/system/files/sec23summer_235-rohlmann-prepub.pdfOOXML signatures are rendered pretty much useless due to 3 flaws in specification and 2 flaws in implementation.
"The vulnerabilities have been acknowledged by Microsoft. However, Microsoft has decided that the vulnerabilities do not require immediate attention."
Comments 0