Windows IT Pro is the leading independent community for IT professionals deploying Microsoft Windows server and client applications and technologies.
  
  
  Advanced Search 


May 22, 2007

Microsoft Ships Office Security Tools

A Web Exclusive from WinInfo
Paul Thurrott
WinInfo
InstantDoc #96118
WinInfo
Email this Article
Printer Friendly
Reader Comments
Digg This
Del.icio.us
RSS
Subscribe to Windows IT Pro | See More News and Analysis Articles Here | Reprints | Or get the Monthly Online Pass—only $5.95 a month!

Microsoft this week shipped two tools for Microsoft Office 2007 and Office 2003 users aimed at protecting users of those products from so-called "zero-day" electronic attacks. The tools convert Office documents into Open XML formats and allow administrators to block particular Office file types, respectively.

"Both features are designed to make it easier for customers to protect themselves from Office files that may contain malicious software, such as unsolicited Office files received from unknown or known sources," a Microsoft security advisory announcing the availability of the tools reads. "When used together they are an effective mitigation strategy for customers when the threat of attack using certain Office types exists. This enables customers to continue using Microsoft Office with a high degree of assurance that the files being opened are considered safe and will not infect users with malicious software."

The first tool, the Microsoft Office Isolated Conversion Environment (MOICE), uses the file type converters that first debuted in Office 2007 to convert Office 2007 and Office 2003 binary documents to the new Open XML file formats in an isolated environment, Microsoft says. In this way, potentially unsafe Office documents can be converted into safe XML-based documents that can't succumb to the various electronic attacks currently targeting binary documents.

The second tool, the File Block Functionality for Microsoft Office, allows administrators to restrict which file types that Microsoft Excel, PowerPoint and Word 2007 and 2003 can open using registry settings or Group Policy. This gives corporate environments a quick way to shut down access to potentially dangerous Office binary file types in the event of an emerging electronic attack.

Although these tools are certainly welcome, I'm curious whether Microsoft will use the recent spate of Office document attacks as a new rationale for moving its customers over to the new Open XML document formats it introduced with Office 2007. Because these XML-based formats are immune to the vulnerabilities that afflict the older Office formats, customers suddenly have another reason to migrate to Microsoft's latest Office version.

End of Article

Reader Comments
My question is - did they solve the 128 character music problem?? I can't tell you how distraught I am for bonch about the fact this hasn't been fixed.

jersey72 May 23, 2007 (Article Rating: )

I love this:

"During the conversion of an unsafe file, MOICE will fail to convert the file, create a safe version of the file, or the converter itself will crash," an advisory on Microsoft's site reads. "The mere process of conversion and achieving one of three possible outcomes is what protects customers."


Only at Microsoft is "the converter itself will crash" considered a successful outcome.


The quote is from the MS article at this location:
http://support.microsoft.com/kb/935865

bdkjones May 23, 2007 (Article Rating: )

"Only at Microsoft is "the converter itself will crash" considered a successful outcome."

that would mean the original file isn't valid, so yes, it protects customers. i'd say that if the convertor crashes, you'd have more important things to worry about than, well, the convertor crashing.

isn't that what happens to any binary data parser without preprogrammed error codes anyway?

(try programming sometime)

XP

Waethorn May 24, 2007 (Article Rating: )

@bdk

Vista will BSOD if a rootkit tries to take over the system.

Crashes are not always a *bad* thing. If you ever have tried to write an app, you will soon discover, *especially* with importing/exporting files, that anticipating *every* *single* condition is virtually impossible.

Now what would be funny is if a malformed Office file could take control of your computer via the converter...

NateB2 May 24, 2007 (Article Rating: )

Nate:

Oh, yea, I absolutely realize that bad code causes crashes. You're talking to someone who has brought quite a few browsers to their knees with bad Javascript. ;)

I can certainly understand how malicious code could cause a crash. I'm just pointing out that it's funny that the article would call that outcome "successful." It's kind of like NASA crashing the Mars rover into the planet because they forgot to convert feet to meters and then saying, "Well, we got to Mars, didn't we? Get off our back about it!"

bdkjones May 24, 2007 (Article Rating: )

"Vista will BSOD if a rootkit tries to take over the system. "

BSOD is acceptable. That is a system trap that prevents any further execution period, even at the highest privileges.

Depending on how the operating system is written, a 'crash' could be used to find memory references to insert malicious code with elevated privileges. I'm not saying this is possible in Vista, I personally doubt it, but on a more basic OS, see 'back in the day', this is how people would do it.

In any case, yes crashes tell you something, but where this information goes should not be to the user. Unstable program activity is never a 'good thing'. Even a malformed input file should not cause instability.

Why do you think even the most fundamental and age-old parsing functions return an integer? Because you always want to know why unexpected results happen so you can encode the behavior into your application.

Yes it is hard to catch _every_ situation, that's why you include baseline _stable_ default functionality that is the reaction to every case, that way even if you forget something, stability is not sacrificed and graceful degradation can be achieved for debugging purposes later.

Welcome to system programming 101. Your professor will be Mr. Common Sense.

will84 May 24, 2007 (Article Rating: )

You must be a registered user or online subscriber to comment on this article. Please log on before posting a comment. Are you a new visitor? Register now




Top Viewed ArticlesView all articles
Command Prompt Tricks

One reader shares his tip for setting up the command prompt to reflect a remote path. ...

WinInfo Short Takes: Week of November 9, 2009

An often irreverent look at some of the week's other news, including some more Windows 7 sales momentum, some Sophos stupidity, Microsoft's cloud computing self-loathing, more whining from the browser makers, Zoho's "Fake Office," and much, much more ...

Understanding File-Size Limits on NTFS and FAT

A general confusion about files sizes on FAT seems to stem from FAT32's file-size limit of 4GB and partition-size limit of 2TB. ...
Related Articles Office 2007's Security Features in a Legacy Office Environment
Related Events Check out our list of Free Email Newsletters!
News and Analysis eBooks Getting Maximum Performance from Your Web-based Applications

Business Process Automation - Managing Cost in Your Enterprise
Related News and Analysis Resources Introducing Left-Brain.com, the online IT bookstore
Looking for books, CDs, toolkits, eBooks? Prime your mind at Left-Brain.com

Discover Windows IT Pro eLearning Series!
Clear & detailed technical information and helpful how-to's, all in our trademark no-nonsense format


ADS BY GOOGLE

Job Openings in IT SPONSORED LINKS FEATURED LINKS
EMC SAN vs. DAS Exchange 2007 Calculator
Calculate your savings now!

Let Your Users Reset Their Own Passwords: Free Download
Try a 30 day free trial of Desktop Authority Password Self-Service – it provides an easy-to-use, robust system for allowing users to reset their own forgotten passwords or locked accounts.


Disaster Recovery Strategies – Tips and Tricks
Determine how you can achieve your DR objectives as simply and cost-effectively as possible.

Get Windows IT Pro & Mark Minasi’s Favorite Power Tools Guide
Order Windows IT Pro now and get "More of Mark Minasi's Favorite Power Tools"--a in-depth guide to the most useful Windows commands --FREE with your paid order! Subscribe today, and save 58% off the cover price!

Migration, Virtualization, Availability, and Desktop Management
Realize the importance of a workload optimization strategy...it can affect your bottom line!

Deep Dive into VMware vSphere, eLearning Series
Join John Savill to explore the major functionality capabilities of the vSphere virtualization platform, including identification of the changes from ESX 3.5.
Windows IT Pro Home Register FAQ for Windows WinInfo News
Europe Edition About Us Contact Us/Customer Service Media Kit Affiliates / Licensing  
SQL Server Magazine Office & SharePoint Pro DevProConnections IT Job Hound
Left-Brain.com Technology Resource Directory asp.netPRO ITTV Windows SuperSite 
 
 Windows IT Pro is a Division of Penton Media Inc.
 © 2009 Penton Media, Inc. Terms of Use | Privacy Statement