Microsoft cracks down on file format attacks

Microsoft has extended an Office 2010 tool designed to detect file format exploits to certain Office 2007 and 2003 editions.

The Office file validation tool scanned and validated Office files for malformed data before they were opened by users.

"To validate files, Office file validation compares a file's structure to a predefined file schema, which is a set of rules that define what a readable file looks like," Microsoft explained in a security advisory.

"If Office file validation detects that a file's structure does not follow all rules described in the schema, the file does not pass validation."

The types of files the tool scanned included those with xls, ppt, pps, pot, doc and dot file extensions.

"File format attacks exploit the integrity of a file, and occur when the structure of a file is modified with the intent of adding malicious code," Microsoft said.

"Usually the malicious code is run remotely and is used to elevate the privilege of restricted accounts on the computer.

"As a result, an attacker could gain access to a computer that was not previously accessible.

"This could enable an attacker to read sensitive information from the computer's hard disk drive or to install malware, such as a worm or a key logging program."

The tool's expanded availability came as Microsoft unveiled a record Patch Tuesday.