Microsoft's new Office Security tools


Office for Mere Mortals
Your beginners guide to the secrets of Microsoft Office
Invalid email address
Tips and help for Word, Excel, PowerPoint and Outlook from Microsoft Office experts.  Give it a try. You can unsubscribe at any time.  Office for Mere Mortals has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy

From: Microsoft

Here’s the official line on Microsoft’s new security tools for Office — we’ll look at them in detail soon but for the moment we DON’T recommend using them.

Today we are announcing the availability of the Microsoft Office Isolated Conversion Environment (MOICE) feature and more widely notifying customers of the File Block functionality for Microsoft Office 2003 and the 2007 Microsoft Office system. Both features are designed to make it easier for customers to protect themselves from Office files that may contain malicious software, such as unsolicited Office files received from unknown or known sources. MOICE makes it easier by providing new security mitigation technologies designed to convert specific Microsoft Office files types, while File Block provides a mechanism that can control and block the opening of specific Microsoft Office file types.

The Microsoft Office Isolated Conversion Environment (MOICE) uses the 2007 Microsoft Office system converters to convert Office 2003 binary documents to the newer Office open XML format. The Conversion process helps protect customers by converting the Office 2003 binary file format to the Office open XML format in an isolated environment. In summary, MOICE provides a mechanism for customers to pre-process potentially unsafe Office 2003 binary documents, by virtue of the conversions process it provides customers with a greater degree of certainty that the document can be considered safe.

We encourage Microsoft Office customers to review the related Knowledge base article and consider whether MOICE can help protect users in your IT environment. For more information about this release, see Microsoft Knowledge Base Article 935865.

What versions of Microsoft Office are associated with this advisory? 
This advisory focuses upon Office 2003, the 2007 Office system, and the Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats.

Can I use these new features with Office 2000 and Office XP? 
No, customers could use MOICE with Office 2003 or 2007 to pre-process unsafe Office 2003 binary files and save them to the Office 2007 open XML format. That converted and saved file could then be opened by Office 2000 and Office XP users that have the Office Compatibility Pack for Word, Excel and PowerPoint 2007 File Formats installed. The Office Compatibility Pack for Word, Excel and PowerPoint 2007 File Formats installed can be downloaded from the following Web site.

Do I have to install Both MOICE and File Block together for to successfully use the features? 
No, the two technologies are independent of one another, but if required they can both be installed and/or enabled at the same time. However, Microsoft does strongly recommend using the two features in conjunction with one another to provide the highest level of protection when threats exist.

Are there software prerequisites before installing MOICE? 
MOICE requires the Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats to be installed, and is only supported for use with Office 2003 and the 2007 Office system.

How will Microsoft list the MOICE update on the Microsoft Update Web site?
The MOICE update will be provided as a recommended update on the Microsoft Update Web site on June 12, 2007. In the meantime, customers can download the MOICE update from the Microsoft Download Center.

How does MOICE actually work to protect me? 
MOICE works by converting Office 2003 binary format files to the newer 2007 Office open-XML format. During the conversion of an unsafe file, MOICE will fail to convert the file, create a safe version of the file, or the converter itself will crash; the mere process of conversion and achieving one of three possible outcomes is what protects customers. Additionally, the conversion process itself takes place in an isolated environment, so even if the unsafe Office file being converted contains exploit code it is extremely unlikely that exploit code would affect a user’s system.

Should I install MOICE even if I have kept my Office 2003 system or my 2007 Office system up-to-date? 
MOICE provides a mitigation that administrators and users can use to protect themselves when the threat of an attack from potentially unsafe Office 2003 binary documents exists. This threat may occur even if your Office 2003 software has been kept up-to-date, for example if a previously unknown new “zero-day” vulnerability in Office is discovered which could be used to attack users of Microsoft Office.

Are there software prerequisites for installing or enabling File Block? 
File Block functionality requires that users have one or more of the following applications installed: Excel 2003, PowerPoint 2003, and Word 2003, or Excel 2007, PowerPoint 2007, and Word 2007. Excel 2007, PowerPoint 2007, and Word 2007 have File Block functionality built in by default but not enabled. To enable it on Excel 2003, PowerPoint 2003, Word 2003 customers should review Microsoft Knowledge Base Article 922849, Microsoft Knowledge Base Article 922848 and Microsoft Knowledge Base Article 922847 to determine what is required to be installed.

How will Microsoft list the File Block update on the Microsoft Update Web site? 
File Block functionality is not explicitly listed as an update on the Microsoft Update Web site. The 2007 Microsoft Office system, specifically Excel 2007, PowerPoint 2007, and Word 2007, includes File Block functionality by default. There is no need to download an update. Microsoft Office 2003 users, specifically users of Excel 2003, PowerPoint 2003, and Word 2003, must download additional updates. Customers should review Microsoft Knowledge Base Article 922849, Microsoft Knowledge Base Article 922848 and Microsoft Knowledge Base Article 922847 to determine how and from where the updates can be installed.

How does File Block actually work to protect me? 
File Block works by making Excel 2003, PowerPoint 2003, and Word 2003, or Excel 2007, PowerPoint 2007, and Word 2007 check the FileOpenBlock subkey in the Windows registry before opening specific Office file types. If a user initiates a file open within Office, the Office software first checks the FileOpenBlock subkey. If the file type the user is opening is on the restricted list it will be blocked, otherwise it is opened as normal.

Should I use File Block even if I have kept my Office 2003 system or my 2007 Office system up-to-date? 
File Block provides an additional mitigation that administrators and users can use to protect themselves when the threat of an attack from potentially unsafe Office 2003 or 2007 Office file types exists. This threat may occur even if your Office 2003 or 2007 Office software has been kept up-to-date, for example if a previously unknown new “zero-day” vulnerability in Office is discovered and then used to attack users of Microsoft Office.

subs profile e1563205311409 - Microsoft's new Office Security tools
Latest news & secrets of Microsoft Office

Microsoft Office experts give you tips and help for Word, Excel, PowerPoint and Outlook.

Give it a try. You can unsubscribe at any time.  Office Watch has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy
Invalid email address