MS Tool Targets Office 2003 Zero-Day Exploits

Posted on May 11th, 2007 by Jason

plans to ship a file conversion tool to give 2003 users a chance to protect against exploits rigged into .doc, .xls, .ppt documents. The tool, called MOICE ( Isolated Conversion Environment), is a direct response to the nonstop zero-day attacks that use rigged Word, Excel and Powerpoint documents to plant call-home Trojans on government and corporate networks.

has already built new protection mechanisms into the 2007 suite but customers running older versions of are at the highest risk. The statistics are telling: Since January 2006, has shipped 20 bulletins covering code-execution holes in 2003. Over that same period, only 2 bulletins were shipped for 2007.

Facing pressure from .gov and .mil customers, is hoping MOICE can offer some temporary respite for users who have not yet upgraded to 2007. The groundwork for MOICE has already been laid with the decision to ship an update to Group policy as a non-security update during Patch Tuesday.

The group policy update allows IT administrators to have granular control over which types of files users can and cannot access, specifically requiring they open and save only files that are in the OpenXML format. With MOICE, the plan is to give users a free tool to allow 2003 files to be converted to an OpenXML format.

Tags: , , , , ,

Share and Enjoy:
  • del.icio.us
  • StumbleUpon
  • Facebook
  • Google
  • Furl
  • Live
  • MisterWong.DE
  • NewsVine
  • Reddit
  • Slashdot
  • Technorati
  • YahooMyWeb
  • BlinkList
  • description
  • Fark
  • Netvouz
  • Spurl
  • MisterWong
  • Webnews.de
  • Blogsvine
  • description
  • IndiaGram
  • kick.ie
  • Taggly
  • E-mail this story to a friend!
  • Print this article!

This entry was posted on Friday, May 11th, 2007 at 8:44 am and is filed under Office. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Related posts

Leave a Reply