Of MOICE and Microsoft: Securing Office 2003

May 11, 2007

Microsoft says it plans to release a tool called Microsoft Office Isolated Conversion Environment to help protect users of Office 2003 from exploits.

Microsoft officials say plans are on the way for a weapon that can help protect Office 2003 from attacks, though users of even older versions of Office may find themselves left out in the cold.

The company is developing a tool called MOICE (Microsoft Office Isolated Conversion Environment), which converts files from Office 2003 to the new Office 2007 Open XML format in a bid to strip exploits out of the file. Once a file has been cleansed of exploits, it can be opened as normal in Office 2003.

"One of the things we noticed is that when we converted an exploit document to the new Office 2007 'Metro' format, it would either fail the conversion [or] emit a nonexploitable file, or the converter itself would crash," Microsoft Senior Software Development Engineer David LeBlanc wrote in a recent blog post.

"Thus," he continued later in the post, "if we could pre-process documents coming from untrusted sources from the older format to the new format, and then get an older version of Office to use its converter to read in the new file format, the customer is going to end up safer."

Microsoft officials gave no specific date for when MOICE would be ready, but said the Redmond, Wash., company is working to make it available as soon as possible. The tool is specifically aimed at Office 2003. However, people using older versions such as Office 2000 or Office XP can use a compatibility pack that enables users to open, edit and save files in the Office 2007 format.

"The tool is a good thing for Office 2003 users from a security perspective, but it is a very kludgy approach," said John Pescatore, a Gartner analyst.

The problem, he said, is attackers will be able to see what the converter does and potentially come up with ways to bypass it.

"MOICE is not an end-all to the malicious [or] malformed Office .doc problem," Pescatore said. "But for enterprises that want to stay on Office 2003 for a few more years and have not invested in the desktop security products from folks like McAfee, Symantec and others that have behavior-based malware protections, MOICE will give a good increase in security."

Josh Edwards, technical product manager for Microsoft Office, said the conversions take place in an isolated sandbox environment so they can be done securely. The tool was designed with enterprises in mind, he said, explaining that attacks involving MS Office are typically targeted attacks and not simply sent to the everyday user.

The additional security comes with a potential drawback, though: It will take longer to open files, particularly large ones, Edwards said. Just how long can depend on many factors, such as whether or not the document includes graphics, he said.

"The user will notice," Edwards said. However, he said, "Is it something where you'll get up and get a coffee? No."

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Mandela phone app for tourists in S.Africa

Related Stories

Judge: Man charged in Facebook fraud case apparently fled

Mar 10, 2015

A New York man has apparently escaped his electronic monitoring bracelet and fled rather than face charges that he fraudulently claimed an ownership stake in Facebook, a judge said Tuesday as he revoked bail and questioned ...

Giant virus revealed in 3-D using X-ray laser

Mar 03, 2015

For the first time, researchers have produced a 3-D image revealing part of the inner structure of an intact, infectious virus, using a unique X-ray laser at the Department of Energy's SLAC National Accelerator ...

Recommended for you

Mandela phone app for tourists in S.Africa

3 hours ago

A phone app tracing the footsteps of Nelson Mandela was launched Wednesday in South Africa to encourage tourists to explore his life story, 25 years after his release from prison.

App to test synaesthesia

3 hours ago

Four in hundred people have a special mix up of their senses, called synaesthesia. A new app from Radboud University contains four playful tests for synaesthesia. Should you happen to have synaesthesia, you ...

Windows Insiders can try out Project Spartan browser

Mar 31, 2015

Microsoft has opened up the (literal) windows, called in creatives, and has been engineering a next-generation browser. Project Spartan is to reflect the general mood of fresh air at Redmond. Although "Project ...

New taxi app challenges Uber in S.Korea

Mar 31, 2015

South Korea's top mobile messenger operator launched a new web-based cab-hailing service Tuesday to compete with California-based Uber, whose service has been subjected to crackdowns from state regulators.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.