BlueHat Oct 23. S06: Uncovering the Hidden Dangers of 3D Models in Microsoft 365


In this talk, Kai Lu discusses the security vulnerabilities introduced to the Office 3D component when Microsoft integrated SketchUp graphics (.skp files) into Office in June 2022. He shares the methodologies used to uncover these vulnerabilities and the process of reverse engineering the Office 3D component MSOSPECTRE.DLL. He presents his analysis of the undocumented SKP file format and the discovery of more than 110 unique vulnerabilities in just three months. He also discusses the patch for CVE-2023-29344 and its bypass, which led to CVE-2023-33146. As a result, Microsoft temporarily disabled SketchUp support in Microsoft 365. Finally, he presents technical details for some of the vulnerabilities.
