A new feature called an Application Guard is available to Microsoft Office 365 ProPlus, which allows users to open attachments in a virtualized container that will prevent Windows from malicious macro and exploits.
Microsoft Edge for Windows 10 includes the Windows Defender Application Guard feature that lets you start your browser tab in a special sandboxing environment. Because this browsing environment is sandboxed, all unauthorized sites attempting to exploit vulnerabilities, upload malware, and malicious actions will be prevented.
The same virtualized sandbox is now available in Microsoft Office to protect users from malicious attachments widely used for malware deployment.
Application Guard for Microsoft Office
Now, users of Microsoft Office 365 ProPlus receive a similar feature called the Microsoft Office Application Guard.
This feature allows an Office document such as a Word document or the Excel table to be opened in a virtualized container that is hardware protected and restricted from accessing the regular operating environment of Windows.
A sandboxed environment prevents malicious macros from installing malware, exploiting vulnerabilities, or from running PowerShell or JavaScript commands that can affect the usual Windows environment when users are able to print, edit or save changes.
If a user wants to “trust” a file, before using the document, the document will first be scanned using the Threat Cloud for additional protection of Microsoft Defender Advanced Threat Protection.
Because spam emails containing Word and Excel documents are one of the most common vectors for installing malware including ransomware, robbery and keylogging trojans, RATs and malware downloaders, this defense is an important tool for every client.
This feature is currently in restricted forecast and will usually be available in summer 2020.
