Microsoft has released Application Guard for Office, a feature that opens untrusted Word, Excel and PowerPoint documents in a sandbox to protect users from potential threats.
Microsoft made Application Guard generally available this week to companies with a 365 E5 or E5 Security license. When subscribers receive the feature will depend on whether they get immediate, monthly or semi-annual updates. Application Guard had been in public preview since August.
Application Guard for Office opens an untrusted document in a Hyper-V-enabled container to protect users against viruses, worms and other malware. The software isolates files in the container so malicious code can’t infect applications on a computer.
Microsoft previously used Protected View to shield users from threats. However, it gave people only the option of opening files in a read-only mode or the 365 software. Application Guard lets users edit, print and save documents while in quarantine.
Microsoft said users who deem a document safe may opt to remove the file’s Application Guard protection. Companies that use Microsoft Defender can have the software scan documents for malware before employees open them.
If a company uses the Safe Documents feature in Microsoft Defender, the document will be scanned for malware before a user opens it.
Constellation Research analyst Liz Miller said Application Guard is a useful tool for preventing malware infections. But it is not a replacement for training users about security threats.
“People who make bad decisions … are often doing it because they don’t know what to look for,” Miller said. “Or [they] have the naïve belief that there is a security safety net that will always be there to catch them.”
The Application Guard feature is off by default. Once an IT administrator turns it on, it will open files downloaded from the internet or received as an email attachment. The software also opens files stored in temporary folders or created in previous Office versions.
Mike Gleason is a reporter covering end-user computing topics such as desktop management. He previously covered communities in the MetroWest region of Massachusetts for the Milford Daily News, Walpole Times, Sharon Advocate and Medfield Press. He has also worked for newspapers in Central Massachusetts and Southwestern Vermont and served as a local editor for Patch. He can be found on Twitter at @MGleason_TT.