Feeds

MS adds sandboxing to Office 2010

Harm reduction tactic aims to block bug exploitation

Secure remote control for conventional and virtual desktops

Microsoft has announced plans to introduce sandboxing technology with the next version of its Office suite.

Office 2010 will incorporate sandboxing technology so that when users want to simply read Office documents, these files will have no access to other files or information. "Even if the file is malicious, it can’t get out of the sandbox and do harm to your computer or data," explains Brad Albrecht, a Microsoft security specialist on the Office 2010 blog.

The sandboxing approach is a well-known mechanism for safely running untrusted programs that has been applied to Java Applets and (more recently) to Google's Chrome browser software. The technology will be used in conjunction with enhanced file (format inspection) blocker features and validity checks to provide a layered defence for Office 2010.

The file blocker, introduced in Office 2007, automatically prevents access to some document types. Improvements introduced with 2010 give users more granular control in managing how Word, Excel, and PowerPoint open their file types.

As Microsoft acknowledges, Office files have become a common payload in targeted hacking attacks over recent months.

"They have been going after many of our file-format parsers and how we read Office files," Albrecht writes. "They’re looking for ways to exploit bugs and to get their code running on your machine. We have done a lot of work to find and fix bugs, but we can’t find everything. We have to take a more proactive approach and build Office to be more resilient to attack."

Microsoft said that the security enhancements would not come at the expense of either performance or usability.

"We strive to make this process as invisible as possible," Albrecht added. "This means no noticeable delay in open times, as well as no dialogs asking you how you feel about security."

Clive Longbottom, a business process analyst at Quocirca, and veteran Microsoft watcher, said Microsoft's security enhancements provide rearguard protection against virus attacks.

"Blackhats have been most successful in the past in embedding code into a real or a false document (either a disguised .exe file, or a set of macros in the document)," Longbottom told El Reg. "The disguised .exe is pretty much covered by anti-virus files these days, but other approaches have left things open."

"This sandboxing means that even if there is malicious code in the document, it cannot do anything. The "read only" approach means that such code shouldn't be capable of running in the first place. This is all necessary as educating users has proven to be nigh-on impossible - they still open things that they shouldn't (and click on links that they shouldn't)," he added.

Longbottom added that while Microsoft's security enhancements were welcome, the software giant would always be playing catch-up with hackers.

"The rest of the approaches are all laudable, but I disagree that it puts Microsoft ahead of the blackhats - it gets Microsoft closer to them, that's all. It will not take long for the blackhats to devise alternative approaches (which may, or may not be Office related). There is just too much to be made from feeding off the mistakes that an end user will make," he concluded.

The changes were also broadly welcomed - with a few caveats on possible performance impairments - by Gartner security guru John Pescatore. The analyst told Computerworld that the enhancements represented a response by Microsoft to more widespread use of fuzzing tools, which automatically test applications for crash or code injection risks in dealing with varied (sometimes malformed) inputs, over the last 18 months or so.

"The bad guys are using fuzzing tools to find vulnerabilities in Office, and now Microsoft is saying, 'Okay, we can't find, let alone fix, every vulnerability. So here's a way to put a sandbox around the vulnerability," Pescatore said. ®

New hybrid storage solutions

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.