Abstract

Jaanus Kääp works as a penetration tester, security researcher and developer at Clarified Security (Estonia). Over the last years he has mostly focused on Windows and Android, but he has also been trying to find vulnerabilities in Office products as lazily as possible. This talk is about how laziness can still take you as far as 11th place in the MSRC Top 100 list.

[Abstract]
==========
Starting from the end of 2015 I have used the same basic method and tools for vulnerability research in MS Office products and Adobe applications. After the initial development, these tools (with only minor improvements over the years) have brought me new CVEs in an almost stable manner, making it an average of 2+ CVEs per month from Adobe and Microsoft for almost no work (“passive income”). The method for finding these vulnerabilities originates from corpus distillation and basic fuzzing, without using any advanced methods or special workarounds. This talk describes the methods used and the small tricks that have been of help, and I will also make my full toolset public.

Slides