Yong Chuan Koh presented “Understanding the Microsoft Office 2013 Protected-View Sandbox” at the REcon 2015 Security Conference.

The first part of the talk gave an overview of the Protected-View sandbox internals by describing its architecture, initialization sequence and the system resource restrictions. The second part discussed the Inter-Process Communication (IPC) mechanism, including the mode of communication, internal objects involved, format of IPC messages and the semantics of selected IPC messages.