Office Document Security and Privacy


Jens Müller, Ruhr University Bochum; Fabian Ising, Münster University of Applied Sciences; Christian Mainka and Vladislav Mladenov, Ruhr University Bochum; Sebastian Schinzel, Münster University of Applied Sciences; Jörg Schwenk, Ruhr University Bochum


OOXML and ODF are the de facto standard data formats for word processing, spreadsheets, and presentations. Both are XML-based, feature-rich container formats dating back to the early 2000s. In this work, we present a systematic analysis of the capabilities of malicious office documents. Instead of focusing on implementation bugs, we abuse legitimate features of the OOXML and ODF specifications. We categorize our attacks into five classes: (1) Denial-of-Service attacks affecting the host on which the document is processed. (2) Invasion of privacy attacks that track the usage of the document. (3) Information disclosure attacks exfiltrating personal data out of the victim's computer. (4) Data manipulation on the victim's system. (5) Code execution on the victim's machine. We evaluated the reference implementations – Microsoft Office and LibreOffice – and found both of them to be vulnerable to each tested class of attacks. Finally, we propose mitigation strategies to counter these attacks.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@inproceedings {257190,
author = {Jens M{\"u}ller and Fabian Ising and Christian Mainka and Vladislav Mladenov and Sebastian Schinzel and J{\"o}rg Schwenk},
title = {Office Document Security and Privacy},
booktitle = {14th {USENIX} Workshop on Offensive Technologies ({WOOT} 20)},
year = {2020},
url = {},
publisher = {{USENIX} Association},
month = aug,

Presentation Video