Microsoft may finally resolve the Macro threat
Microsoft has revealed a plan to implement a range of security enhancements, including one that promises to make one of the most prevailing cyber threats — malicious Microsoft Office Macros — a thing of the past.
In a blog post, Microsoft Security Corporate Vice President Rob Lefferts said the company is working hard to deliver “endpoint security from Microsoft, not just for Microsoft”.
At the Microsoft Ignite Conference last week, the company provided details of a range of such initiatives, such as a plan to port the hardware-level containerisation technology integrated into the Microsoft Edge browser onto the Office 365 suite.
The company provided an early preview of a build of Office 365 ProPlus with integrated Application Guard capabilities.
This would allow users to open all untrusted Word, Excel or PowerPoint files in a virtualised container, while still allowing for the documents to be printed, edited and saved, effectively neutering the ability of Macro exploits to infect targeted machines.
When users want to flag a document as trusted, the file is automatically checked against the Microsoft Defender ATP threat cloud.
Microsoft has also announced expanded capabilities for the Office 365 ATP cloud-based email filtering service, including enhanced automated compromise user detection and response capabilities.
Lefferts said introducing automation to Office 365 ATP has blocked 13.5 billion malicious emails this year. The company announced the general availability of Automated Incident Response for the platform in September.
Another enhancement will include the development of a new campaign-based view designed to allow security professionals to view the entire scope of an attack campaign targeted at their organisation.
Microsoft Defender ATP is meanwhile also being enhanced with new capabilities including integration with ServiceNow for improved IT/security collaboration, role-based access control support and automated user impact analysis.
The platform is also introducing a new ‘experts on demand’ service that will allow security operations centres to engage directly with Microsoft security analysts.
Other products announced at Ignite include Enterprise Detection and Response for Apple Macs and Threat and Vulnerability Management for servers.
Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.
Inrel's new cryogenic control chip could bring us closer to a practical, commercially viable...
We want your help to improve our member services, so please take two minutes to fill in our short...
The company has released the Windows 10 Insider Preview Build 19033 in both the fast and slow...