VISTA.BLORGE Vista news
TECH.BLORGE.com
MAC.BLORGE.com
GAMER.BLORGE.com

May 26, 2007 |

Microsoft ships Office security tools

By Ruben Francia





Microsoft Ships Office Security ToolsMicrosoft this week shipped a pair of new tools designed to protect users of Microsoft Office 2003 and Office 2007 products from zero-day exploits. The tools allow administrators to block particular Office file types and convert Office documents into Open XML formats, respectively.

Microsoft security advisory reads: “When used together they are an effective mitigation strategy for customers when the threat of attack using certain Office types exists. This enables customers to continue using Microsoft Office with a high degree of assurance that the files being opened are considered safe and will not infect users with malicious software.”

The first tool, the “File Block” feature allows administrators to declare the specific Office file types that can or cannot be opened by Word 2003/2007, Excel 2003/2007 and PowerPoint 2003/2007 by editing the Windows registry or through Group Policy settings.

This feature gives corporate environments a quick way to shut down access to potentially dangerous Office binary file types in the event of an emerging electronic attack.

The second tool, the Microsoft Office Isolated Conversion Environment (MOICE), converts Office 2003 and Office 2007 format documents into Open XML file formats to strip out possible exploit code.

“One of the things we noticed is that when we converted an exploit document to the new Office 2007 ‘Metro’ format, it would either fail the conversion, emit a non-exploitable or the converter itself would crash,” Microsoft’s David LeBlanc wrote on his Technet blog.

Microsoft says both new tools should make it easier for users to protect themselves from malicious Office files, such as those received via e-mail. Vulnerabilities in Office formats such as Word, Excel, and PowerPoint, are a favorite avenue of attack for malicious software writers looking to infect Windows computers.

Related:

  • Office 2007 security plans make it crash
  • Microsoft fixes Windows Vista Office 2007 patch issues
  • Free Vista Software Sunday: PC Tools Firewall Plus 3.0 – a free Vista firewall
  • Third party firewalls can cause Vista update errors
  • AVG Internet Security 7.5 offers comprehensive protection for Windows Vista


    • Entry was posted on Saturday, May 26th, 2007 at 11:52 pm under Office. Print This Post Print This Post

    Read more entries by Ruben Francia.



    2 Responses to “Microsoft ships Office security tools”

    1. Thilo:
      June 8th, 2007

      Office security is a major concern these days. Shredders prove a convenient way of getting rid of
      sensitive information. for more information check out http://www.shredderwarehouse.com

    2. MS Office Security Watch » Blog Archive » Microsoft Ships Office Security Tools:
      July 20th, 2007

      […] original here: Microsoft Ships Office Security Tools administrators block convert exploits office products protect shipped tools typesadministrators, […]

    Leave a Reply:

    Copyright © 2007 Engaging and compelling blogs that entertain and inform