By developing a SketchUp fuzzing harness and using a dumb file format fuzzer, the researchers discovered 20 unique vulnerabilities, including use-after-free and stack buffer overflow bugs, in just one month.

Researchers Discover 117 Vulnerabilities in Microsoft 365 Apps via the SketchUp 3D Library

This article discusses the process of reverse engineering the Office 3D component in Microsoft 365 apps, focusing on how it parses the SketchUp (SKP) file format. The authors analyze MSOSPECTRE.DLL, the dynamic library responsible for parsing 3D files, and identify various functions used in the parsing process. They also mention using the SketchUp SDK and its C API documentation to create a fuzzing harness for testing the Office 3D component. The article concludes by highlighting the discovery of 20 unique vulnerabilities through this reverse engineering and fuzzing process. It also briefly mentions the two data types supported by SKP files: MFC type and VFF type.


