Microsoft this week shipped a pair of new tools designed to protect users of Microsoft Office 2003 and Office 2007 products from zero-day exploits. The tools allow administrators to block particular Office file types and convert Office documents into Open XML formats, respectively.
Microsoft's security advisory reads: “When used together they are an effective mitigation strategy for customers when the threat of attack using certain Office types exists. This enables customers to continue using Microsoft Office with a high degree of assurance that the files being opened are considered safe and will not infect users with malicious software.”
The first tool, the “File Block” feature, allows administrators to declare the specific Office file types that can or cannot be opened by Word 2003/2007, Excel 2003/2007 and PowerPoint 2003/2007, either by editing the Windows registry or through Group Policy settings.
This feature gives corporate environments a quick way to shut down access to potentially dangerous Office binary file types in the event of an emerging electronic attack.
The second tool, the Microsoft Office Isolated Conversion Environment (MOICE), converts Office 2003 and Office 2007 format documents into Open XML file formats to strip out possible exploit code.
“One of the things we noticed is that when we converted an exploit document to the new Office 2007 ‘Metro’ format, it would either fail the conversion, emit a non-exploitable or the converter itself would crash,” Microsoft’s David LeBlanc wrote on his TechNet blog.
Microsoft says both new tools should make it easier for users to protect themselves from malicious Office files, such as those received via e-mail. Vulnerabilities in Office formats such as Word, Excel and PowerPoint are a favorite avenue of attack for malicious software writers looking to infect Windows computers.