14 DAY TRIAL // The Office 2003 is a victim of its own success. Much in the same way as the Windows platform, Office offers an excellent target but also a vector for attacks, outside of the exploits taking advantage of its flaws. Still, this status quo, fueled by the suite's ubiquity is about to change. Microsoft is right on track to bulletproof the Office 2003 productivity suite following the lessons learned from the Office 2007 System. The Redmond Company revealed that it will make available Microsoft Office Isolated Conversion Environment, a tool designed to deliver additional protection to office 2003 users against malformed Office 2003 files.
"MOICE takes advantage of an effect we noticed while working on Office 2007 - when we get MSRC cases in, we have to check to see whether it affects each version, including new code. One of the things we noticed is that when we converted an exploit document to the new Office 2007 'Metro' format, it would either fail the conversion, emit a non-exploitable file, or the converter itself would crash. The possibility exists that something could make it all the way through, but we haven't seen any of those yet," revealed David LeBlanc, Microsoft Security expert.
Essentially, the Microsoft Office Isolated Conversion Environment will pre-process all documents that qualify as potentially harmful. For example, those that come from untrusted sources. The tool will convert documents between legacy Office and Office 2007 formats, and will then allow the previous version of Office to access the new file format via the converter.
"The way that this works is to associate the old document format extensions with MOICE, which will then upconvert the file to the new format, and hand it off to the real registered app to read in the file that's in the new format," LeBlanc explained.
The implementation of this tool will result in increased security for all Office 2003 users. According to LeBlanc, the conversion process associated with the Microsoft Office Isolated Conversion Environment will strip out exploits from older formats of Office.
Integrating the Microsoft Office Isolated Conversion Environment into the everyday workflow with the Office 2003 suite implies an inherent loss in performance, but the downside is welcomed because of the security advantages. And nowhere will users experience performance penalties more than when dealing with large documents. "Larger documents could take a noticeable amount of time," LeBlanc warned. This because the tool will not only double convert each document , but also strip macros and VBA projects, and also functions in an isolated converter environment designed to defend the tool itself from arbitrary code attacks. "We'll be releasing MOICE in the near future," is the sole availability timeframe that LeBlanc revealed.