Microsoft struts Office 2010 'sandbox' security
'Good move,' says analyst of feature that isolates rigged docs from the PC
Computerworld - Microsoft's plan to "sandbox" documents in the next version of Office looks like a "very good step forward," according to one security analyst.
Last week, Microsoft revealed more details about a new security feature in Office 2010, dubbed "Protected View," that is designed to shut down the popular hacker tactic of feeding users rigged Word, Excel and PowerPoint files.
"It is a good move," said John Pescatore, Gartner's primary security analyst. "It gets away from the 'training' people have that makes them ignore pop-up warnings."
Protected View isolates Word, Excel and PowerPoint files in a read-only environment that prevents malware -- which has piggybacked on Office documents for years -- from harming the PC or hijacking the system.
"The file is being opened within a sandboxed instance of the application -- Word, Excel, PowerPoint -- and if there was malicious code present in the file, the goal is that code would not be able to find a way to tamper with your documents, change your profile or other user settings," said Vikas Malhotra, a Microsoft security program manager, in a entry to a company blog last week.
"If nothing else, we'll stay just as secure as before, but [Protected View] should cut down on the messages to the users," said Pescatore, talking about the kind of alerts current versions of Office display when users are about to open an untrusted document.
Within Outlook, for example, users who open an attachment now face a dialog box that asks, "Would you like to open the file or save it to your computer?"
"It is extremely hard to answer this question without seeing the contents of the file first," acknowledged Malhotra. "In Office 2010, we have removed this dialog and instead we now just open the file directly in Protected View ....This allows you to look over the contents and make an informed decision if you really trust the file or not."
"This is all driven by hackers using fuzzing tools," said Pescatore, talking about the dark art of hammering on file formats to probe for vulnerabilities. Microsoft has repeatedly had to patch file format flaws in Office applications, most recently in July when it fixed a bug in Publisher 2007 and in June, when it patched seven vulnerabilities in Excel and two more in Word.
Noting that it's impossible for anyone, including Microsoft, to root out every instance of an input error -- the company uses home-grown fuzzing tools on its own products during development -- Pescatore said that the only solution is to give people a way to protect themselves after the fact.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Acxiom Case Study This case study, which focuses on Acxiom, explores how the company was able to secure employee data, reduce migration costs and boost productivity...
- Windows® XP Migration: Protect and Secure Critical Data With the end of the Microsoft Windows XP operating system's lifecycle on April 8, 2014, businesses are faced with the decision to migrate...
- Exponentially Accelerate Data Protection and Recovery with Simpana 10 IntelliSnap® Snapshot Management Technology Are you making the best use of your storage array snapshot functionality? CommVault Simpana 10 IntelliSnap technology manages hardware-based snapshots across multiple vendor...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Desktop Apps White Papers | Webcasts