Open source innovator and Snort creator, Sourcefire, announced the availability of OfficeCat, a free security tool that enables users to easily identify potentially threatening Microsoft Office files. Unlike products that detect attempts to exploit known Microsoft vulnerabilities, OfficeCat can determine if a file contains hostile content before it is opened.

“OfficeCat is the latest example of Sourcefire’s commitment to the open source community,” said Robert Wagner, coordinator of the Chicago Snort Users Group. “By enabling users to easily evaluate files for possible threats, OfficeCat provides us with the ability to protect against the rapidly growing number of exploits against Microsoft Office applications.”

According to the SANS Institute, in 2006 there has been rapid growth in exploits against Microsoft Office vulnerabilities known to provide hackers with the ability to penetrate an organization’s network by using the weaknesses to install and execute code on hosts that support the affected application. Available as freeware at www.officecat.org, OfficeCat examines Microsoft Word, PowerPoint, and Excel files to determine if possible exploit conditions exist. OfficeCat provides reference information on discovered vulnerabilities so users can remediate risks. By detecting these hostile files before they are opened, OfficeCat enables users to proactively increase the effectiveness of their security efforts.

OfficeCat was developed by the Sourcefire Vulnerability Research Team (VRT) to detect security risks that are often overlooked by other technologies, including anti-virus. The Sourcefire VRT is a group of leading edge intrusion detection and prevention experts working to proactively discover, assess, and respond to the latest trends in hacking activity, intrusion attempts and vulnerabilities. OfficeCat was developed by the VRT through research aimed at creating rules for Snort, the open source intrusion detection and prevention system created by Sourcefire. With more than 3,000,000 downloads and 100,000 registered users, Snort is the world’s most widely deployed intrusion prevention technology. To create effective rules, the VRT conducts ongoing research into Microsoft Office vulnerabilities and will regularly update OfficeCat with the latest vulnerability information.

“As security threats continue to evolve, Sourcefire is dedicated to delivering solutions for both commercial users and the open source community that enable users to protect themselves from attacks against their networks and information,” said Matt Watchinski, Director of the Sourcefire VRT. “OfficeCat fills a unique need among users to identify potential avenues of attack that can significantly impact their network security. As one of the leading network security research organizations, our goal is to provide users with the best possible security backed by the latest discoveries.”