Application Guard for Office has arrived
Application Guard was originally an enterprise-level security function provided by Microsoft with the help of Microsoft Defender. This security function comes with a sandbox that can realize automatic isolation.
Now the Application Guard function for the Microsoft Office software suite has also arrived, and Microsoft today announced that this function will be available to enterprise users in full.
Enterprise administrators only need to update and configure the security policy, so that even if employees accidentally click on phishing documents or other malicious documents, they do not need to worry about being poisoned.
Many professional users like to install sandbox software and run part of the software in the sandbox software. The sandbox software can be separated from the system environment. In this way, even if this software has malicious behaviors, it does not matter.
The Application Guard function of Microsoft Defender for Office is an extension of Microsoft’s application protection function on Windows 10.
The killer feature is to directly call the virtual sandbox function to run the file. Take the office software version as an example: when the user opens the file, it runs directly in the sandbox by default.
Therefore, it does not matter even if an attacker sends a phishing document to company employees via email, even if it executes a macro module with malicious code.
Running in the sandbox is not only isolated from the employee system environment but also isolated from the corporate intranet, so Microsoft said it can improve employee productivity without worrying about security.