Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

How I Found 16 Microsoft Office Excel Vulnerabilities in 6 Months

Hack In The Box Security Conference via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Discover the process of uncovering 16 Microsoft Office Excel vulnerabilities in just 6 months through this insightful conference talk from the Hack In The Box Security Conference. Learn how to build an effective fuzzing framework step-by-step, including selecting fuzzing corpus, implementing mutation algorithms, and triaging results. Gain valuable insights into automating dialog box interactions, managing temporary files, and optimizing fuzzing strategies. Explore real-world examples of remote code execution and information disclosure vulnerabilities, and understand the process of reporting findings to Microsoft Security Response Center. Benefit from the speaker's extensive experience in security research and vulnerability discovery, including tips for overcoming common challenges in the fuzzing process.

Syllabus

Introduction
Quan Jin Introduction
Agenda
My story
Surviving
Candidates
Questions
Statistics
Excel
Visibility
File Types
distillation
fuzzy mutation
classification
synchronization
reproducer
manual check
bug id report
fuzzing equipment
problem list
dialog boxes
VMworld too fast
Speed of execution
File size
Virtual machine fuzzing
Processing inconsistencies
Filing strategies
Size of speed fire
How to manage crash files
Case 61461
Case 20201494
Case 202017126
Case 2020117
Case 2020118
Thanks

Taught by

Hack In The Box Security Conference

Reviews

Start your review of How I Found 16 Microsoft Office Excel Vulnerabilities in 6 Months

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.