
Disappearing bytes: Reverse engineering the MS Office RTF parser
In 2017, we encountered lots of samples that were ‘exploiting’ the implementation of Microsoft Word’s RTF parser to confuse all other third-party RTF parsers, including those used in anti-malware software.