Updated: July 14, 2020 (May 28, 2007)

  Analyst Report

Security Tool Scrubs Office Files

My Atlas / Analyst Reports

470 wordsTime to read: 3 min
Rob Helm by
Rob Helm

As managing vice president, Rob Helm covers Microsoft collaboration and content management. His 25-plus years of experience analyzing Microsoft’s technology... more

A new command-line utility can scrub many security vulnerabilities from Office files. The Microsoft Office Isolated Conversion Environment (MOICE) utility runs on desktops and can eliminate many features of older Office binary formats that have been exploited by recent “zero-day” attacks-attacks that take advantage of previously unknown vulnerabilities. However, the utility does not preserve all data in the files that it processes, so it will mainly serve very security-sensitive environments.

Office 2007 Conversion Reduces Risk

The utility works by converting files to the Office 2007 XML-based formats, a process that eliminates macros as well other binary format features (such as embedded memory pointers) that have been exploited by attackers. The utility runs with very low privileges (hence, “isolated”) so that files that compromise the utility itself are unlikely to damage the user’s computer.

Using Group Policy, administrators set up MOICE so it automatically processes any binary Office file that a user opens. Administrators register the utility as the default application for binary Office formats on every computer, and have the utility automatically run Office to open each Office 2007 file that it produces. On computers that run Office 2003 rather than Office 2007, administrators can install the Compatibility Pack patch, which enables Office 2003 to open files in Office 2007 formats.

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now