Microsoft to Office 365 ProPlus users: This new feature cuts malicious docs risks
Microsoft has released the public preview of an Office 365 ProPlus security feature that promises to catch malware when users open Office documents outside the Protected View sandbox.
Safe Documents or ‘Safe Docs’ is Microsoft’s latest effort to shield users from malicious documents coming into an organization.
While the Office Protected View sandbox does isolate the operating system from malicious code in a document, users often exit Protected View to get a job done – for example, when they need to print a physical copy – exposing the organization’s network to ransomware, information theft, and other threats.
While many people these days only print documents when it’s absolutely necessary, printing is still a common request in office environments, according to Ron Pessner, Microsoft’s partner director of program management.
SEE: 20 pro tips to make Windows 10 work the way you want (free PDF)
So Safe Docs is aimed at those occasions, such as printing, where users really do need to exit Protected View.
“Safe Documents verifies that the documents are safe to open outside the container if [users] have a need to do that,” Pessner told ZDNet.
Safe Docs uses the same backend as the Microsoft Defender antivirus service, meaning it checks the file against all known potential threats before the document is opened in a Protect View container on the PC.
The idea is to make it easier for workers to get the job done. For example, Safe Docs means users aren’t individually asked to decide whether a document should be trusted before opening it.
Microsoft is also expanding its private preview of Application Guard for Office 365 ProPlus. Application Guard first arrived for Edge – and is supported on the new Chromium-based Edge – and now it’s being integrated with Office 365 ProPlus.
Application Guard for Edge lets enterprise Windows 10 users browse the web without needing to worry about web-based attacks thanks to hardware-level containerization, which isolates what happens in the browser from the operating system.
Similarly users can open untrusted Office Word, Excel, and PowerPoint attachments in a virtualized container with fewer worries that doing so will compromise the corporate network.
The feature is designed to upgrade Protected View for Office apps, but with additional container-based isolation, which blocks access to memory, local storage, other apps, corporate devices, and other resources that could be compromised.
Safe Docs and Application Guard connect to the Microsoft Security Center, so admins can see and respond to security alerts and logs, and ensure an attack is contained.
Safe Documents and Application Guard will be available to customers with Microsoft 365 E5 and E5 Security.
Safe Docs is initially available for organizations in the US, UK, and European Union.