Shared documents may contain more than you expect. By design, many document formats include invisible data structures for change history, macro scripts and binary objects. Microsoft and Acrobat files, for example, contain metadata resources that can include confidential information or can be used to transport zero-day malware.
Common document formats can hide executable code that might be missed by signature-based antivirus, especially if it is a custom-designed zero-day attack. A common spear-phishing tactic might involve a resume sent in response to a job posting.
For organizations that receive documents from the general public, or collaborate with users who might not have up-to-date malware protection, file sanitization is a vital part of a defense-in-depth strategy. Incoming files from untrusted sources are opened and resaved in their original format, but without risky macros and binary resources.
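The resave step described above, as an added example that is not from the original page or from any product: it rewrites a Word OOXML package without its VBA macro storage and document-property metadata, and removes the index entries that pointed at them. The function names and the sample package are constructed for illustration; embedded objects are not handled, because removing them also requires rewriting the references in the document body.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET  # prefer defusedxml for untrusted XML

# Dropped on re-save: VBA macro storage and document-property metadata parts.
RISKY = re.compile(r"(^|/)(vbaProject\.bin(\.rels)?|vbaData\.xml)$|^/?docProps/", re.I)
PKG = "http://schemas.openxmlformats.org/package/2006/"
MACRO_MAIN = "application/vnd.ms-word.document.macroEnabled.main+xml"
PLAIN_MAIN = "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"

def _prune(xml_bytes):
    """Drop entries that name a removed part; retype a macro-enabled main part."""
    root = ET.fromstring(xml_bytes)
    ET.register_namespace("", root.tag[1:].partition("}")[0])  # keep default xmlns
    for el in list(root):
        if RISKY.search(el.get("PartName") or el.get("Target") or ""):
            root.remove(el)
        elif el.get("ContentType") == MACRO_MAIN:
            el.set("ContentType", PLAIN_MAIN)
    return ET.tostring(root, encoding="UTF-8", xml_declaration=True)

def sanitize_ooxml(data):
    """Return (clean package bytes, sorted names of removed parts)."""
    removed, out = [], io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(data)) as src, zipfile.ZipFile(out, "w") as dst:
        for name in src.namelist():
            if RISKY.search(name):
                removed.append(name)
            elif name == "[Content_Types].xml" or name.endswith(".rels"):
                dst.writestr(name, _prune(src.read(name)))
            else:
                dst.writestr(name, src.read(name))
    return out.getvalue(), sorted(removed)

def build_sample():
    """Constructed macro-enabled package (placeholder bytes, not a real document)."""
    ov = '<Override PartName="/word/{}" ContentType="{}"/>'
    rel = '<Relationship Id="r{}" Type="urn:constructed" Target="{}"/>'
    types = ov.format("document.xml", MACRO_MAIN) + ov.format(
        "vbaProject.bin", "application/vnd.ms-office.vbaProject")
    rels = rel.format(1, "word/document.xml") + rel.format(2, "docProps/core.xml")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", f'<Types xmlns="{PKG}content-types">{types}</Types>')
        z.writestr("_rels/.rels", f'<Relationships xmlns="{PKG}relationships">{rels}</Relationships>')
        z.writestr("word/document.xml", "<document/>")
        z.writestr("word/vbaProject.bin", "placeholder, not real VBA")
        z.writestr("docProps/core.xml", "<creator>constructed-user</creator>")
    return buf.getvalue()
```

Calling `sanitize_ooxml(build_sample())` returns the rewritten package and the list of dropped parts, which is worth logging so the recipient knows what was stripped.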