Abusing the SYLK file format
This blog is about the SYLK file format, a file format from the 1980s that is still supported by the most recent MS Office versions. As it turns out, this file format is a very good candidate for creating weaponized documents that can be used by attackers to establish an initial foothold. In our presentation at DerbyCon 8 we already demonstrated some of the powers of SYLK.
In this blog post we will dive into additional details of this file format. We also provide recommendations for mitigations against weaponized SYLK files.