Reason for Action
Some risk objects, like macros in MS Office, are easy to understand. However, there are many less obvious risk objects, such as document properties, template name, etc.... These properties allow users to input data, which can pose security risks. Deep CDR provides a "reason for action" for these objects, helping users better understand the associated risks.

Supported reasons:
Action | Reason/Concern |
---|---|
Validate Document Properties | Free-form text fields can potentially allow attackers to input data that does not conform to Microsoft schemas. Reference: Inspection and Sanitization Guide (ISG) for MS Office 2007 section 4.8, 4.9, 4.10 |
Validate Template Name | There is a possibility that Reference: ISG for MS Office 2007 section 4.5 |
Remove Smart Tag | Smart Tags can can executable code Reference: ISG for MS Office 2007 section 4.16 |
Was this page helpful?