In early 2020, Microsoft announced some security features for Microsoft 365, including Application Guard. The company has now announced that Application Guard is available on Office.
This feature quarantines documents from untrusted sources sources in a separate container before opening them, to prevent the threat of malicious attacks. Microsoft also said that it will analyse every malicious attack that Application Guard contains to improve its threat intelligence.
In a Microsoft blog post, John Barbare said that “Microsoft Office will open files from potentially unsafe locations in Microsoft Defender Application Guard, a secure container, that is isolated from the device through hardware-based virtualization,” and that “When Microsoft Office opens files in Microsoft Defender Application Guard, a user can then securely read, edit, print, and save the files without having to re-open files outside of the container.”
Working on Word, Excel and PowerPoint
Documents that are obtained from potentially unsafe areas are opened in a virtualised environment, aka a sandbox, where malicious code can’t harm your PC. When using Word, Excel or Powerpoint, the program will indicate that the document in use has been opened within Application Guard with on screen signals, including a notice in the app’s ribbon as well as the icon on the task bar being marked differently. You can choose to disable this protection on a specific file if needed, as long as you’re certain that the file is safe. Application guard also works with Microsoft defender on emails in Outlook.
This new feature is set to be off by default, and administrators will need to set the correct policy for each user in the domain.