Inspection and Sanitization Guidance for Microsoft Office 2007 and Office Open XML (OOXML)

Abstract: This Inspection and Sanitization Guidance for Microsoft® Office 2007 document provides guidance and specifications for developing file inspection and sanitization software for Microsoft (MS) Office 2007 files (i.e., word processing, presentation, and spreadsheet documents).  Client programs, such as MS Office Word® 2007, can store arbitrary data in a MS Office 2007 document, including video, sounds, and hidden text. This presents a challenge for automated file processing software. This document addresses this challenge by delineating the various constructs with the Office 2007 file formats.  The document provides specific guidelines for designing, building, and testing Office 2007 file inspection and sanitization applications.

Date Published:

Last Reviewed: 11 December 2017

Identifier: U/OO/234053-17

Dissemination Control: N/A

Length: 209 page(s)

Format: pdf

Type: Reference/Overview; Report

Tags: National Security Agency - NSA; Cyber; Guidance; Exploitation; Vulnerability; Data