
Understanding the Microsoft Office Protected-View Sandbox

you're on the road to the who do you think this the issue here is the height of that so in a morning everyone In the encoding here me in the morning to therefore my talk understanding of Microsoft Office 2013 political views and so
at the data myself my 1st mentor young triangle benefits Commie young for short courses lasting and I'm a psychotic consulting with and you are in force approach to in Singapore no only if all I do things ranging from source code review binary and model analysis and went off and I get to do some of research in my own time and that is why conversations for the personally I am interested in reverse engineering in general I'm pondering the research and also doesn't need to be of expectation on the a so here is outline for today's talk i will begin with a brief introduction of the part of the sandbox this if 1 of my a section about its internist which would include the architecture of the initialization process and these and what restrictions next in the IPC section I will talk about the internal objects that people could use during ITC and format of IPC messages and after which I will highlight the proposal some of these message and since the office 26 Temporal version has been released I will make a show comparison and warheads have not changed and lastly of course so in this talk with the conclusions and now the introduction but
before we begin I lost if Watson boxing which defines it as a simple sister copying mechanism for separating running programs assembles typically provides a tightly the contrastive of resources for his programs running such as some discretion reasons is part of the assignment is implemented by executing a software in a restricted operating system and the past controlling the resources that a post test me use so this kind of suggest that imposing restrictions on occasion resources essentially the same boxing but what kind of resources so we talking about here equally as simple as the file systems or registries cool process-related actions like to be interpretations are creating new process um as a side effect of the restrictions sometimes does have an action for events that the same should be a lot to do but a preventative so so in fact this there is usually a pre-defined self passed at the broker can do on his behalf Easterbrook appositive some deeper that of the sandbox is a feature that introducing MS Office 2010 and unlike too because some boxes the protective use and box is not used to render all the files instead it is used follows that Microsoft my sister and trust and this logic covers follows the origin it from the internet such as tools to and download that all those that are in there as a loop attachment so in general the product of you wish show the following everybody text you more while at the same time to deceive other non unnecessary features for the scope know the motivation for this research arises because at present there are many excellent research on some books in use in other applications for example mappings and inference engines for reference for IDP and bad as of now adored the protective you has to prison for 5 years there is no problem research when and besides Microsoft and released any technical information about the sandbox either so going back to the definition of sandboxing boxing the objective of the research be so far understand 
what restrictions on the product of the feature and also the list of hostility broker could 247 box i.e. the IPC messages and in a white people would eventually be released together is this light so refer to from auditors 1 and for the audience that's thing is the only from this talk I would like to apologize in advance the moving on in this section I will talk about the symbols in tunnels we show include how we would drop the architecture and we also talk about the start-up process and also at the system resource restrictions the the and since there is no public information the
particle assembles model the time in by comparison of dynasty II model and the idea modest chosen in the course of the 94 of code re-use in Microsoft ordinary share similar components and also because this good reference for it because it's on extensive research by many other researchers now this is subtly because I E 7 bus architecture consisting of a highly political corpus as the sandbox process but you bet content is we render being and also the ask In this model training components are central to the functionality office boxing the 1st is the intersection component 2nd is the education policy component and lastly of course we have the IPC and the intersection components used to redirect yeah calls In IEEE this redirection facilitatory proposed 1st we can modify the EPA parameters for the text so for example are original felt half would have which will have points to offset the symbols container will be changed by these 3 direction so that it will point to incite the symbols directory and 2nd may be certain situation the action that is simply need to be performed in the context of the book or and lastly the redirection may be for to the alleviation policy component for which the administrator can configure on its launch behavior the in the sudden client is achieved by API and in the case of IE is done by patching identity the sold to find out whether the productive has a similar component the age of the Sun was process was used action was checked for patch and in addition the EAT in a function pronouns of all the models that also tracked and as it turns out there's no patch industry areas so didn't seem to be in the session component present here and since the in
the 2nd component is not present it is likely that the elevation policy will not be present as well since both are related but nonetheless it was to do another checked by this time from another perspective going under the river simplices a stored as registry keys in the application name because some past the other CIS ID lunch policy value for me and the manager which had these registered to the site whether the request the process of home should be stopped therefore I watch I would involve 1st filtering out the new registry keys introduced between Office 2007 and Office 2013 and from this we check whether they have the same units you value format office the other 7 is chosen because this allows version that often implement the protective you feature so this means that any new a registry keys introduce could possibly be related to the sandbox and as it turns out none of the new keys had this format and so we concluded that no activation policy components the last immediately see is a fundamental component and its boxing implementation because somehow for various reasons the symbols 1 at the top of look at some point time unsurprisingly this component is present in the protective use implementation but unlike the idea rebels Comité memory IPC I use the protective you Watson uses only the impact ITC and this might result we discuss in more sex details in an exception
so so define that that do sum of money is actually very symbolic and she look something like this with other 2 components on this is hardly surprising given that this feature is intended to show Atex view of the file and therefore all the full functionalities of the application are not needed and this also means that the attack surface for some of the skits are greatly reduced and especially so for the absence of an admission policy which has been commonly abused in IDP and states the some as a final note here and see that all and just the father and in the system works process so therefore for the broker wanted to find a way to identify each far and you can see how he does so from an infinite object and talk about it not in any somebody
implementation dietary factors that should be considered in the creation of the sum of process 1st we should have a restricted assessed token that by assigning are dropping the corporate seeds are in a container case the probably the seats secondly this somewhat for such a crude but in isolate that in vision and thus talk to minimize the interaction in have of the process and finally this other process is processed in addition also be restricted i'm but this this just now we will look at the sort of process and disenfranchisement industry factors and that so here is the flow chart not so obvious the some and stuff that in the low in predicate more if it is being 7 or X and in a more if it is in it and above the vocoders cover this environment by detecting the Hitchcock scale and software Microsoft ofthese commons approach the user at and the unit is the key all went according this 2 week assessed he already boxes represent the differences in start up between these 2 moles dig remote server presented differences due to application settings for a start we see that the sum of name is randomized when the last 10 beats that assess its restrictions for this job object but Doppler velocities all the time and by the for this new UI restrictions at all next the generous this and was accordingly on in the EC comes in a more this is done is the the rise at and in from at something and in HCI and indeed integrity more the sum of the torques hold about for the last 4 digits the she's reuse from the Synmarks mean next the broker would be stable restraint and allow this aspect the seeds from this and what token if it is of interest to you and lastly sets
the law in great level and next the broker criticism of directory and runs the assess in the x and the animal that assesses granted only to the sandbox while in the other more the rest but this is run individually the broker then creates an isolated desktop if needed but by the front is not the case and therefore the process is created in the default desktop next is set of the IPC named impact before buffer size of with all them but the indeed that contain no more of the
book go at the office probably sit before starting the sandbox with the great processes user API soul in this photo we see that the process by the thought is not great but with some on desktop isolation and for WI restrictions so what this means is that the product of the process is still effective ideas known i.e. issues we shall reading and writing for the kid bought all I'm doing screen captures the non that
the X and in these last few days on a constant noise it would be the visual in 25 how the system which turn defines the resources that the sum of assessed In IEEE this there will be this past known and if I give you the mean and the doc page off from the cable the mappings registry keys Bizer can see from the start of flow chart the part that sum was assigned only 1 be which is not document that all 5 publicly so sold to define the boundaries of the same must contain no we were checked for the sandbox and to sit in the source countries in an iteration of 4 locations and registry keys for the locations with the
sum exceeds the sum of assessed only the user profile at the time local really local packages directories and subdirectories sister standard rights or assess the capabilities it does not allow access to anaphora patients and this result is what we would have expected as seen from the stop process the for the registry keys is the most it could assess this and the keys with mostly key or access rights for the capabilities the on off relate that keys could be assessed and we've only up here it right among these is the current user software Microsoft Office what the crop the trust the locations of the Mission would have defined a foul powerful which the protective you more piece to be excluded so meaning that is somehow you could put no the fault half of your own fault and so this registry then would not be opened in that the view the um in another slide interesting things we can read from the officers accused is the file and are you thought he's machine which opened in the fall that I recently opening office the
finally the capabilities it does not allow outgoing connections to be made from the sandbox as filled with permission denied clinic
so putting everything together from the internet section you have this defined illustration the 1st new edition is at the lower left that the sum of kinetic yeah cause relating only to with 1 direction registry and and also the office registry keys that we've to at r and with no desktop isolation and job you restrictions a quick interact other processes showing in desktop for the federal office the assessing the active Boss by using the user and those of other processes and finally economic connections not intended for in this section out
what the IPC mechanism that protective use and what users which is always a inch attractive at the lookout for security issues I will 1st begin with the Internet objects broker use for about a format and lastly some of the messages so
this is an overview of the objects that the broker uses for the protective you feature and it also starts with the track manager object visual reference to the IPC message the restrictions and do many Joe objects the IPC MSE sensitive describes the status of the IPC named pipe and also contain the buffer that you read or write to the IPC view restrictions to content information from the sandbox . process and if you had endangered is actually the 1 of interest here it mainly contains 4 sets off track manager and you track a point of the unicity show why their forces of point of but from what I have seen the officers on now otherwise it doesn't seem to serve much purpose on some other than as a placeholder object so recall earlier when I say that because all the fossa and the in the same process the broker when finally to maintain a state for each file so this actually starts from the view track objects where the horse an overview of the symbols in state so and as unbiased and none of you follow the you wish shows the total number of unjustified currently if you check out would also holds a pointer to and dynamic array of due for objects this review file and body subsequent objects are used to represent and contain information for each contrast the fault this is a model to view of the track manager your manager and to track objects um also showing the of of fish few the size and some comments for them In object some through some missing because that is rather irrelevant as shown here all doesn't be unknown and these are the
corresponding to chose for the view file symbol broke up AT and ww IPC message of can see more clearly that the view file object contains information about the individual files and in particular the view UID is important because they identify each file that is a value of 1 for the 1st one and this series commonly used in many IPC request for the book of affect the corresponding to 4 object the symbol code at this not always present and it depends on which process opens the file In the illustration at top right is the sum of sets out look at his parents as shown by 1 b 2 a and 2 b then this although not be creative and in this case the double w IPC message will be missing as well and as a side note this this the global variable at 0 1 5 united c which show this situation as well in general all these 3 objects and fused refers directly by the respective IPC message terms so the necessary as simple as asking for the full name for specific view ID and these IPC messages can be broadly classified into 2 groups depending on whether is handed in an asshole got the are of the view that the got the 0 and and observation from this is that the star of the local situation the late and a subgroup of I must go IPC messages will not be available In general the form of
IPC message will consist of behavior and what the which is often in some cases the they have full MSO and the monopoly groups with the 1st like the that clause use would be the message tech which identified the type of message the message ID visual pattern request and the response to the and also the message size rich your the collision of a maximum size of 2000 as we have seen from the preparation did you UID series units so that the visibility of of message and the header for the response is similar as for the 1st few we should know that shows the status of the requested State this still functions are falling MSO endeavor that really and now rather book was so his speech ITC request in the hope of locks him and before every couple block aforementioned message is done the rocks the 4 include things like whether the sizes correct by comparing the size you in the head of the pull the Steve or in some cases some IPC messages actually has a fixed Mrs. size so the a for that long all article text languishing rated simulator through sort of ignition point so now we will look at some ITC
class instance user 1 this request as the message board the annoyed doesn't for the broker to directly and return the current user of policies 3 key is key reassess without keeping the cost of the beauticians and it is implemented as a walk around the somewhat registry the restrictions this suffer policies usually defined for it is only used for the 5 Application policies as part of the group in instructions and next to look at 0
0 6 1 request which has the parameters for the PostMessage API In body so we mating of using the 0 6 1 request on troops holds a number of messages to the state budget protective you inputs in areas the 1st it would try to navigate to the fault had to any but everything with the and keyboard inputs as shown on the last lecture but these last few because the knowledge of course message the set must be nor has to be focus which is not a case of 13 addition so this brings us to the 2nd so narrow and since it has to be in focus we might wonder try brute-forcing screen coordinates and then send mostly to any editing directly but this is also not allow because the most values that except that in the the the message permit therefore these requests not all that
most of most features are the same but in protected view your assessed assessable from and for the fall and the 0 9 1 messages and requests for this purpose it will you cast the broker never gets that you are out of the fissioning navigate to string reference API pending user direction permission and this commission will be asked profile and what we start in the view from object session and a happening still the 0 anyone messages a request for the
broker to create the and 1st message box for any possible that the file for which the input of the input is to be returned to the sandbox this message is an example of a request for a service only when the symbol code at is missing as in the case when the graceful this but and the number is 1 this is the cost of the ordered must not do any file passing itself so red of thought this when is open it was thought the most processed immediately and other similar two-handed a so while has been the followed apostle then realized that the sum of then realize that it is possible and that's what he was send this request for the outlook to prompt the user so this is in contrast the case when the role cohesive work and the broker would probably user for the and for the possibly for this and what the stop so in the all group broke OK is the cost of a tragic situation itself it was pretty new what could object for the past prompt even after the follows open as you can see from this last snapshot metaphoric open in the background so I'm not really sure whether this behavior is intended on next we will look at the 0 c 1 message which is sent error reporting requests In a typical Windows Error Reporting scenario the application destined travel create you being on itself and possibly the the perception information such as before the Yankees but in the case of protective your sum of cannot do so due to the job restrictions and that's what you would use the 0 c 1 request for that book could conclude the the 1 is passed and because it's see messages limit of proposal by these them also passed to the Volcker this perception information the 1st speed as shown by December shared-memory handled in the form table subsequent that will go and pass this information to the Union emission and remote if the broker tionally and the and this is the format of the memory
that the coalition of mean both parts of the show memory are highlighted here in the 1st box DWT or some info leases in these awful tough files that at the summit that to the W just over 1 of these follows the additional WER owning is to be specified by the as part of the talk like you see requests the 2nd box such child of characters for which the viewing were used for the yummy epoch and is set by the symbols in each some bullshit memory but before we go on
last official look and what happened in decoding goes added thing men and they're all cluster user will have 2 options check on my for solution of the program or the of if you chose the 1st option than being with Sandy the level 1 error the tops of the of the this Level 1 data how will convince an overview of the arrow like the coevolution application version perception information and also foster related to this error in XML format at a civil and it would decide whether this error is interesting enough all unique in is the and if it is interesting note that you are asking application for level at school on the farm which would consist of a fault that I mentioned earlier and this false or compressed in no don't have a cage after sending being looking up by deleting this falls in the local systems so that 2 issues
relating to the receiver message the 1st 1 is re as evaluation minimal could tries to copy of fixed size of 1 5 0 buys from this emotion memory to hold the bookish memory this talk by reduces permit us for the WTI report create in the video separated eyes but during the copy the book did not check whether there is sufficient size copy from in the some of the the 2nd issue allows the symbols to trick the book of the try was out of the symbols container as mentioned earlier with the additional WTO phone interview this summer school and so 1 of the following in a book kept at the front of full data but is still by right something when a phoneme because the book 1st shut down a back slash correct the before prepending the sandbox directory for its full pathname so the whole purpose for this is to ensure that this followers located in the sandbox container and the special here shows that the people got checking on in a slash correct but if you were to look at them as the and it was stated that that in the fall I ODP eyes internally will come but before was large enough file path to that was slashed so in other words is the useful was slashed in the addition of phoneme and this will allow us to bypass the name checked by the book and public any local files so at this point and
show small them all and and and the the
that OK so
effectively what we do here is to inject the out into a somewhat process and what is the 0 hour does is the same as you see 1 message I here this in Saul who this on this coming here note the the you but so this other characters for the 0 c 1 message and a set of rules for the mass of all the um the DOI will also correct these emotion memory in Room sure functions he said so if you want to check the issue 1 mentioned just now you can increase the size of the of this on memory size and their own the so is that this is really what we are just like in this this line if you here and this actually allows us to try was of the must and the on so the desktop and then tries to look this text file here the table this task to inject the intersymbol process and with regards to school every partying you can lead us and that the report back to the Michael source of was corporate arrow so well in all corporate environment and since it understanding thing that the rule violent the corporate couple reporting here so just was funny IP over here and this is actually I was so machine
to do so and interaction types in you 1 tree is the grown for so that in terms of
your fruitful for for location check so logo on data you can see Ch
sold the lonely document contains Finster XML we should like this
and this will tell us the server the OS version complications version and also the perception information and this will be the that will be send back in level 2 show the so this level is send this response but to ask for the true level to the door and before sending the
the user when full I grant the permission to do so as you see the of fault that we of blow that you see that is essentially what we suppose to find people and the by the symbols directory here if so we was set in yeah and this will be deleted and it should be
the sharing here yet so this off on a desktop so essentially we could
publish any file to the server which 94 point 2 watson . microsoft . com auto preconfigure and the price of alternatively you could also use food the and you fall as it does so after sending the book had the cage so this issue was reported and the response but it's fun and it does something about solution but will be fixed in future and so we will see if they will be this is to present in office 2016 the last IPC message you talk about is the 0 f 1 requests actually I Microsoft have message that you decrease the c l d don't yet see orbit navigates through the developer have websites depending on the request primitives and another 0 1 message and there's your message there's also really Asia and this time because of a noun the reference so in the last section of
this talk we will check whether there are any changes made to the somewhat more there in the preview version of Office 20 16 in of the code to mention just 1st common samples to new individual module such as the MSO 20 reinvented to claim that the L and secondly Sakaki sessions it neutral windows it up and also at the I intend self the cimosa sections no additional abilities to sort of science so what this means is that they should not be any changes to the system resources that is what could assess next most of the stellar processes remain the same except for the addition of a preprocessing block before starting the the most process so this additional option looks a bit via the cost currently dust that others in any way that we can change the condition of by that EDU on custody 1 you guessed custody 1 to cause the bunching to create process so maybe this is related to for future option for protective so here we look at a 0 C 1 message of being and personally I'm curious because since the time they responded for me at the time of the day 16 really is there's actually 2 and a half months to add a few course of a few lines of code to check for the forward slash so you compare the special on the left is the 1 on the right because see that there's no change from an intermediate yet so obviously this is among 1 of them these priority choose to do but I can understand that the cost exceeded the sports 1st require the 80 quot secretion in the box and then the user interaction is also required both Sandy i'm fall back to the deviance of the and also the the the Saul the 1 6 1 messages from new request introduced in 20 16 and it will be so easily that Paolo these filled up by the symbols through about so it's a very simple request to protect unprotect this and window for rights management at the files and finally this
all requests a new message size but otherwise nothing else is change
so in conclusion the protective this and most stuff not into also for function these of the origin of replication therefore I can do away with the intersection and efficient policy components to implement a very simple model this approach of amazed at the number of supporting IPC present really reduced and as a comparison of the Adobe Reader has about 400 + IPC message compared to the 38 in protected view even so my we've all software some issues have to follow for example the desktop isolation of you I restrictions are not applied by default and this has been present since the IEP and some call quality-wise Microsoft has been cast for the buffer sizes and so on but will read as Cervantes us to follow a window that enticed minimum in dB for the directory traversal issue which is not if you want to use the than the 16 as a means how the somewhat may involve it is likely that it will not be must change us but I personally is curious to know how the new option will be used all in I think that these features to office cluttered with the most protection to use here is a subset of the reference
and this is the end of my talk thank you what without


Formal metadata

Title: Understanding the Microsoft Office Protected-View Sandbox
Series title: REcon 2015
Part: 16
Number of parts: 18
Author: Koh, Yong Chuan
License: CC Attribution 3.0 Unported:
You may use, modify and reproduce, distribute and make publicly available the work or its content, in unmodified or modified form, for any lawful purpose, provided that you credit the author/rights holder in the manner specified by them.
DOI: 10.5446/32815
Publisher: REcon
Year of publication: 2015
Language: English

Content metadata

Subject area: Computer science
Abstract: The first part of this talk will sketch the Protected-View sandbox internals by discussing its architecture, its initialization sequence and the system resource restrictions. The second part will discuss the Inter-Process Communication (IPC) mechanism, including the mode of communication, the undocumented objects involved, the format of IPC messages and the semantics of selected IPC messages.
