Ryan Naraine yesteray blogged "New MS tool isolates Office 2003 zero-day exploits" where he describes a new tool aimed at MS Office 2003 users to prevent the risk from zero-day attacks. His blog says:
"The tool, called MOICE (Microsoft Office Isolated Conversion Environment), is a direct response to the nonstop zero-day attacks that use rigged Word, Excel and Powerpoint documents to plant call-home Trojans on government and corporate networks."
"Microsoft has already built new protection mechanisms into the Office 2007 software suite but customers running older versions of Office are at the highest risk. The statistics are telling: Since January 2006, Microsoft has shipped 20 bulletins covering code-execution holes in Office 2003. Over that same period, only 2 bulletins were shipped for Office 2007."
"When installed on desktop machines and used in conjunction with Group Policy settings, MOICE initiates a process that converts documents in legacy (.doc) formats to OpenXML formats, stripping out potentially harmful elements that could pose a potential security risk."
"The conversion process takes place in a safe, quarantined sandbox environment, so the user's computer is fully protected."
Read Ryan's blog for full details. I recommend enterprises consider this if you're not using Office 2007.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
del.icio.us