This session, presented by a team from Huazhong University of Science and Technology and other institutions, focuses on vulnerability detection. The paper "Be Careful of What You Embed: Demystifying OLE Vulnerabilities" investigates security issues in Microsoft Office. Object Linking & Embedding (OLE) lets Office documents integrate a diverse range of objects, enhancing the user experience. However, OLE's design inherently blurs trust boundaries, which risks unintended library loading and parsing vulnerabilities that malicious actors can exploit.
To address this, the authors introduce OLExplore, a new tool for security assessment of Office OLE objects. Through dynamic analysis and verification, OLExplore investigates three key categories of OLE vulnerabilities. Their evaluation across various Windows OS versions led to the discovery of 26 confirmed vulnerabilities. Significantly, 17 of these have been assigned CVE numbers, indicating remote code execution potential. OLExplore provides a critical advancement in understanding and mitigating these widespread OLE security risks.
