MS Will Sandbox, Not Patch, Office 2010 Vulnerabilities
Microsoft has a reputation for rarely admitting or accepting defeat in any market. But the company is now waving the white flag of surrender after admitting that they can no longer keep up with hackers when discovering file format bugs in time to stop them from exploitation.
That doesn't mean that Microsoft is prepared to let online deviants have their way with software vulnerabilities. Instead, the company has decided to take a "sandbox" approach to Office documents in the next version of the application suite.
The Sandbox Technique
The sandbox technique will be a new addition to Office 2010 and will feature a "Protected View" setting that isolates Word, Excel and PowerPoint files in a read-only environment. Sandboxing gives minimal access to the rest of the computer and offers zero access to other documents and personal information.
The logic behind this system is that even if a document is suspicious (and later rendered malicious) it is essentially "trapped" inside of a virtual sandbox so that it can do no harm to any other files outside of that particular document.
Hackers Fuzz, Microsoft Chases
A number of security analysts believe that hackers have been using "fuzzing" measures to retrieve personal information and infect computers worldwide. Fuzzing is a tactic that relies on automated tools that drop random data into applications to see if, and where, vulnerabilities exist. (Source: computerworld.com)
The whole practice of fuzzing has led Microsoft on an 18-month wild goose chase that has reportedly created more frustration than success.
The sandbox technique is just one of a few new security measures embedded into Office 2010. Other safety features include a more flexible file blocker and "Office File Validation," a practice that was rolled out in Publisher 2007 Service Pack 2 (SP2).
Two More Security Features
The file blocker restricts access to specified document types. Microsoft announced that Office 2010 will let users customize this feature to better manage which formats Word, Excel and PowerPoint open.
Office File Validation, on the other hand, is a system that validates older, pre-XML file formats for Word, Excel and PowerPoint, then blocks those files that do not conform to the documented format. The idea here is that malicious documents would trigger a block from the onset, while the new sandbox feature would then activate and take over from there. (Source: cio.com)
Microsoft promised that the new security features offered in Office 2010 will have very little impact on the document load time. However, there is always the chance that the system requirements may impact the computer's memory and processor resources during future startups.
Infopackets Top Windows 10 FAQs
How to Upgrade from Windows 10 32-bit to 64-bit
How to Fix: Windows 10 Antivirus Missing, Not Compatible
How to Fix: Windows 10 Display Shifted; Screen Fuzzy
How to Upgrade Windows 7, 8 32-bit to Windows 10 64-bit
to Downgrade from Windows 10
- How to Fix: Windows 10 Upgrade Failed Error C1900208
- How to Fix: Windows 10 Upgrade Failed Error 80240020
- Can I Cancel my Windows 10 Reservation and Reserve Later?
- How to Clean Install Windows 10 using Windows 7, 8 License
- Will Windows 10 Install Automatically?
- Windows 10 Upgrade: Do I have to Reinstall Programs?
- Windows 10 Upgrade: Can I choose 32-bit or 64-bit?
- Which Version of Windows 10 Will I Get (Home or Pro)?
- How to Reserve Windows 10 Upgrade (Free)
- How to Fix: CPU Not Compatible with Windows 10 Error
- Windows 10 Upgrade: Can I keep my Old Windows Install?
- How to Cancel Windows 10 Reservation (Properly)
- Download Windows 10 .ISO (DVD) for Clean Install?
- Microsoft: Windows 10 Will Be The Last Version
- Does Windows 10 require the CPU to support PAE?
- Windows 10: Can I Upgrade or do I need a Clean Install?
Click here for more Windows 10 articles.