Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Office 365 now checks docs for known threats before editing
#1
Quote:Microsoft today announced the general availability of the Office 365 Safe Documents security feature which expands the protection provided by Protected View by checking untrusted documents for risks and known threats.

Safe Documents — launched in private preview in February — uses Microsoft Defender Advanced Threat Protection (ATP) to scan documents opened in Protected view and block users from editing them until a verdict is available.

Protected View is a read-only Office mode for opening documents deemed as potentially unsafe where most editing features are disabled to protect the users' from threats.


"Although Protected View helps secure documents originating outside the organization, people too often exit the protection sandbox without considering if the document is safe – leaving their organizations vulnerable," Microsoft said.

"To improve this trust promotion experience for Microsoft 365 Apps, Safe Documents takes away the guesswork by automatically verifying the document against the latest known risks and threat profiles before allowing users to leave the Protected View container."


On endpoints where the Safe Documents feature is enabled, all untrusted files opened in Protected View will be uploaded and scanned by Microsoft Defender ATP, following the privacy and data handling rules detailed here.

During active scans of untrusted documents originating from outside the enterprise users' organizations, the customers will be blocked from leaving Protected View and from editing the content.

If the files are found as being free of malicious content, users will be able to exit the Protected View. If the document is deemed unsafe, the users will be warned and blocked from exiting Protected View.

"Admins can configure whether users can bypass and ‘Enable Editing’ for malicious scenarios in the Admin portal," Microsoft explains. The expected results of a Safe Documents check are available in this support document.

To configure Safe Documents for tenants in their organization (the feature is disabled by default), Security Administrators have to use the Office 365 Security & Compliance Center as detailed here.

More info HERE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  New EmoCheck Tool Checks if You're Infected With Emotet sidemoon 0 1,729 02-04-2020 , 10:20 AM
Last Post: sidemoon
  Avira Threats Landscape Over 5.5 million threats detected yesterday. mrtrout 0 2,312 11-20-2018 , 11:15 AM
Last Post: mrtrout
  Vault 7: WikiLeaks Docs Hint CIA Could Bypass 21 Security Products scot 1 3,494 03-09-2017 , 10:06 AM
Last Post: AAU
  [ALERT! For Those Who Use Office 365] New Ransomware Targets Office 365 Users giveaway_junkie 1 2,896 06-27-2016 , 04:38 PM
Last Post: Mike
  Windows PowerShell and Google Docs Abused to Spread Laziok Trojan baziroll 0 18,520 04-25-2016 , 12:55 PM
Last Post: baziroll



Users browsing this thread: 2 Guest(s)