[ news_security_news ]
Microsoft Offers Two Office Security Tools
David Utter
Staff Writer
2007-05-22
 Insider Reports RSS Feed
A pair of new tools from Microsoft could help mitigate threats from attacks that target Office and component programs like Word and PowerPoint.
The arrival of File Block and Microsoft Office Isolated Conversion Environment (MOICE) comes as a response to the growing threat of malicious activity aimed at users of Office 2003 and 2007.
MOICE provides a sandbox that converts Office 2003 documents into the Office open XML format. By stripping out the binary code, malware included in a document would be rendered harmless.
"During the conversion of an unsafe file, MOICE will fail to convert the file, create a safe version of the file, or the converter itself will crash; the mere process of conversion and achieving one of three possible outcomes is what protects customers," Microsoft said in its advisory.
"Additionally, the conversion process itself takes place in an isolated environment, so even if the unsafe Office file being converted contains exploit code it is extremely unlikely that exploit code would affect a user's system."
The File Block utility works as an admin tool that can be used in the event of a zero-day outbreak against a particular file type. Administrators can set a FileOpenBlock registry key on user systems that will prevent them from opening a file until the key has been disabled.
Office 2007 products have File Block functionality included, but not enabled by default. Users of Office 2003 will have to download updates, as listed in the Advisory's FAQ.
---
 
Tags: Microsoft, Office, Security
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
