Microsoft admits it can't stop Office file format hacks

Plans to build 'sandbox' around questionable docs in Office 2010 as defense

Microsoft's plan to "sandbox" Office documents in the next version of its application suite is an admission that the company can't keep hackers from exploiting file format bugs, a security analyst said today.

"What's been happening is that Office has lots of vulnerabilities," said John Pescatore, Gartner's primary security analyst. "For the past 18 months, hackers have been fuzzing Office file formats," he said, referring to the practice of "fuzzing," a tactic that relies on automated tools that drop random data into applications to see if, and where, breakdowns occur.

Fuzzing has been a hacker's best friend: Microsoft has repeatedly had to patch file format vulnerabilities in Office applications, most recently in July when it fixed a flaw in Publisher 2007 and in June, when it patched seven vulnerabilities in Excel and two more in Word.

"What's happening is that the bad guys are using fuzzing tools to find vulnerabilities in Office, and now Microsoft is saying, 'Okay, we can't find, let alone fix, every vulnerability. So here's a way to put a sandbox around the vulnerability."

The sandbox technique Pescatore mentioned is a new addition to Office 2010, the upcoming upgrade to Microsoft's bestselling Windows application suite.

According to Brad Albrecht, a senior security program manager with the Office team, Office 2010 will sport something called "Protected View" that isolates Word, Excel and PowerPoint files in a read-only environment. The sandbox, said Albrecht in a post to a company blog this week, will have "minimal access to the system, and no access to your other files and information. Even if the file is malicious, it can't get out of the sandbox and do harm to your computer or data."

"That's a good thing," Pescatore agreed. "Sandboxing and isolation are always good things in security, if only to limit the damage of a malicious file."

Albrecht also spelled out other security measures that Office 2010 will implement, including a more flexible file blocker and a suite-wide roll-out of "Office File Validation," a practice that was rolled out in Publisher 2007 Service Pack 2 (SP2).

The file blocker, introduced in Office 2007 then back-ported to Office 2003 in September 2007 with SP3, automatically bars access to some document types. Albrecht said that Office 2010 will let users fine-tune the feature to better manage which formats Word, Excel and PowerPoint open.

"File blocking was a real broad-brush thing in Office 2007," said Pescatore, "and it would give users obscure error messages." He applauded the move toward flexibility in the file blocker.

Office File Validation, meanwhile, is a system that validates older, pre-XML file formats for Word, Excel and PowerPoint, then blocks those that don't conform to the documented format. Documents that contain malicious code would presumably trigger the block. At that point, Office 2010 will hand off the file to the Protected View sandbox.

"There's still a trade-off," said Pescatore, talking about the improved security Microsoft plans for Office 2010. "The file in the sandbox is read-only, but if I need to open it and add something to it, that's going to annoy users."

Another downside, said Pescatore: Sandboxing, which is essentially lightweight versions of virtual machines, consumes PC resources. "On the other hand, PCs are getting faster, so we have the ability to throw more cycles at [sandboxes]."

Albrecht claimed that the new security features in Office 2010 would have "an indistinguishable performance impact on your [document] load time," but didn't go into detail about system requirements or the impact on the machine's memory and processor resources.

Microsoft declined to make Albrecht available to answer follow-up questions about Office 2010's security plans.

But Pescatore likes what he sees in Microsoft's bird's-eye view. "To build a sandbox, especially around Word docs, that's a very good idea."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags MicrosoftMicrosoft Office 2010

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Show Comments

Brand Post

Bitdefender 2018

With determination and drive, you achieve outstanding performance! Get Bitdefender Total Security 2018 Now!

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?