I’ve talked a lot this year about Office documents that were used in very limited targeted attacks against our customers . . . Office documents make a great vehicle for delivering malware because most people don’t realize that Office documents can be made to exploit vulnerabilities and subsequently run code of an attackers choice! Also – now that macros are disabled by default I think most people wouldn’t hesitate to open a document sent to them via email – especially if it appears that it came from someone they know / trust.
I’ve been warning folks that this phenomenon isn’t unique to Office documents – I’ve been saying that this is an industry problem (we are after all not the only ones writing parsers for complex binary file formats) and here’s another visual example of this – but this time using a PDF file as the delivery vehicle: https://www.youtube.com/watch?v=R_mv49Sdeok
People like to bemoan the dangers of the Microsoft ‘monoculture’ but for some reason the OTHER monocultures that exist (Flash, Quicktime, Acrobat) seem to go largely ignored . . . even though Apple patches QuickTime like every other week to fix vulns . . . but whatever.