Office Smart Tags for CVE and Microsoft Security Bulletins

  • Article

While diddling around with Office Smart Tags, I decided to build a couple to handle MS bulletins and CVE/CAN vulnerability numbers.

Just save the two XML files below, and drop them into C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS and you should be good to go.

If you don't see a bulletin number (eg; MS05-011) or a CAN/CVE number (eg; CAN-2005-0001) highlighted with the Smart Tag thingy, go to:

Tools | AutoCorrect Options | Smart Tags

And make sure you have the MSRC Search and CVE Search tags enabled.

Cve.Xml

<FL:smarttaglist xmlns:FL="urn:schemas-microsoft-com:smarttags:list">
<FL:name>Mitre CVE Lookup</FL:name>
<FL:lcid>1033,0</FL:lcid>
<FL:description>Lookup up a CVE/CAN Vulnerability</FL:description>
<FL:moreinfourl>https://msdn.microsoft.com/msdnmag</FL:moreinfourl>
<FL:updateable>false</FL:updateable>
<FL:autoupdate>false</FL:autoupdate>
<FL:lastcheckpoint>0</FL:lastcheckpoint>
<FL:lastupdate>0</FL:lastupdate>
<FL:updateurl></FL:updateurl>
<FL:updatefrequency>0</FL:updatefrequency>
<FL:smarttag type="urn:schemas-microsoft-com:office:smarttags#cve">
<FL:caption>CVE Search</FL:caption>
<FL:re>
<FL:exp switches="i">\b(can|cve)-\d{4}-\d{4}\b</FL:exp>
</FL:re>
<FL:actions>
<FL:action id="CAN">
<FL:caption>Find Vulnerability</FL:caption>
<FL:url>https://cve.mitre.org/cgi-bin/cvename.cgi?name={TEXT}</FL:url>
</FL:action>
</FL:actions>
</FL:smarttag>
</FL:smarttaglist>

Msrc.Xml

<FL:smarttaglist xmlns:FL="urn:schemas-microsoft-com:smarttags:list">
<FL:name>Microsoft Bulletin Lookup</FL:name>
<FL:lcid>1033,0</FL:lcid>
<FL:description>Lookup up a Microsot Security Bulletin</FL:description>
<FL:moreinfourl>https://msdn.microsoft.com/msdnmag</FL:moreinfourl>
<FL:updateable>false</FL:updateable>
<FL:autoupdate>false</FL:autoupdate>
<FL:lastcheckpoint>0</FL:lastcheckpoint>
<FL:lastupdate>0</FL:lastupdate>
<FL:updateurl></FL:updateurl>
<FL:updatefrequency>0</FL:updatefrequency>
<FL:smarttag type="urn:schemas-microsoft-com:office:smarttags#msft-msrc">
<FL:caption>MSRC Search</FL:caption>
<FL:re>
<FL:exp switches="i">\b(ms)\d{2}-\d{2,3}\b</FL:exp>
</FL:re>
<FL:actions>
<FL:action id="MSRC">
<FL:caption>Find Vulnerability</FL:caption>
<FL:url>https://www.microsoft.com/technet/security/Bulletin/{TEXT}.mspx</FL:url>
</FL:action>
</FL:actions>
</FL:smarttag>
</FL:smarttaglist>