Bugging Microsoft Files: Part 3 – Clearing Metadata
Summary
This article, the third in a series, details methods for clearing metadata from Microsoft Office files, specifically .docx and .xlsx formats. It builds upon previous posts that explained how to insert tracking bugs into these file types.
IFF Assessment
FOE
The article describes techniques that could be used to covertly track users or exfiltrate information by manipulating file metadata, which is detrimental to defenders.
Defender Context
Defenders should be aware of how metadata can be manipulated in common document formats. Understanding these techniques can help in identifying malicious documents and educating users about the potential risks of sharing files with embedded tracking mechanisms.