Microsoft OffVis, Office Visualization Tool

9 Ago/10

OffVis, the Microsoft Office Visualization Tool, has been designed to visualize the binary file formats doc, xls or ppt. While it has been primarily created for IT professionals and security researchers, it can have its uses for less tech savvy or security interested Office users.

The software requires the Microsoft .net Framework 2.0, but has no other dependencies besides that. Users can launch by clicking on OffVis.exe after unpacking the download to a local directory.

First step in the analysis of Office documents is to load a supported file format from the File menu.

OffVis displays the raw file contents on the left side. A parser can now be selected from the parser pull down menu to parse the document that has been loaded.

microsoft offvis office visualization tool

microsoft offvis office visualization tool

If you’d like to parse only at the OLESS layer, choose “Format Library.DLL: OLESSFormat”. If you’d like to attempt to parse the file as an Excel, PowerPoint, or Word file, select one of those parsers.

Parsing results are displayed on the right side, selecting an element will highlight it on the raw file contents side.

The interesting aspect of the software for all users is that it can detect malicious code. It will automatically display “definitely malicious” entries in the document, if any are found.

Office users can therefor use the Office Visualization Tool to analyze binary Office formats for malicious code before executing them on their system.

The program only detects known vulnerabilities that have been patched already. The following vulnerabilities are detected:

CVE-2006-0009, PowerPoint, MS06-012 (March 2006)
CVE-2006-0022, PowerPoint, MS06-028 (June 2006)
CVE-2006-2492, Word, MS06-027 (June 2006)
CVE-2006-3434, PowerPoint, MS06-062 (October 2006)
CVE-2006-3590, PowerPoint, MS06-048 (August 2006)
CVE-2006-4534, Word, MS06-060 (October 2006)
CVE-2006-4694, PowerPoint, MS06-058 (October 2006)
CVE-2006-5994, Word, MS07-014 (February 2007)
CVE-2006-6456, Word, MS07-014 (February 2007)
CVE-2007-0515, Word, MS07-014 (February 2007)
CVE-2007-0671, Excel, MS07-015 (February 2007)
CVE-2007-0870, Word, MS07-024 (May 2007)
CVE-2008-0081, Excel, MS08-014 (March 2008)
CVE-2008-4841, Word, MS09-010 (April 2009)
CVE-2009-0238, Excel, MS09-009 (April 2009)
CVE-2009-0556,PowerPoint, MS09-017 (May 2009)

It may even make sense to run the tool, even if all the security patches have been applied to the Office software. Why? Because it can provide valuable information about a sender or the origin of the document. The OffVis software is available via direct download from Microsoft.

© Martin for gHacks Technology News, 2010. | Permalink | Add to, digg, facebook, reddit, twitter
Post tags: , , , ,

Continua a leggere – Original Link: Microsoft OffVis, Office Visualization Tool

Technorati Tags: , , , , , , , , , , , ,

Realizzazione Sito Gestionale Immobiliare

Leggi Anche

    SpyDLL Remover Detects And Deletes Spyware
    SpyDLL Remover Detects And Deletes Spyware - Experienced computer users usually have an understanding of what is going on in the background of their computer system. This includes the processes...
    Google Wave Questions and Answers
    Google Wave Questions and Answers - After whinging loudly about not having access to the Google Wave preview, Santa GOOG dropped an invite off in my inbox last night. Sadly I have no...
Condividi in DeliciousCondividi in DiggCondividi in RedditCondividi in StumbleCondividi in MixxCondividi in TecnoratiCondividi in Ok Notizie


I commenti sono disabilitati per questo articolo.

I commenti sono chiusi.



Iscrizione Newsletter

    Tieniti informato con tutte le novità del mondo informatico con la nostra newsletter


    Auto Shop Italia
    Web Burning Blog
    Info Privacy