In association with heise online

24 July 2009, 20:21

Microsoft builds a sandbox for Office 2010

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Microsoft's developers have realised that, it's impossible to find and fix all of the errors and vulnerabilities in the Office suite because of its complexity due to the number of old formats that it has to support. On the other hand, Microsoft Office applications are a prime target for trojan and malware writers that seek out security vulnerabilities to exploit for targeted attacks.

According to a post on the Microsoft Office product development group blog by Brad Albrecht, future Office programs are going to open all documents that are in any way suspect in a sandbox. While there, the document will have strictly limited ways of interacting with the system that it's running on. In particular, it won't be able to read, far less change, any local files. Java, for example, uses a similar sandbox mechanism to run applets obtained from the internet, without causing any hazard to the local system.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit