Bugging Microsoft Files: Part 1 – Docx Files using Microsoft Word
Summary
This article, the first in a series, discusses methods for creating web tracking software using .docx files renamed as .doc files in Microsoft Word. It builds upon previously known techniques involving .html files for similar tracking purposes.
IFF Assessment
FOE
The article discusses a technique that can be used for malicious tracking, which is detrimental to defenders.
Defender Context
Defenders should be aware of file type masquerading techniques where seemingly benign document files could contain hidden malicious capabilities. This type of evasion can bypass basic file-based security controls, making endpoint detection and user awareness crucial.