Microsoft said on Tuesday that it plans to introduce File Validation for Office 2003 and 2007 users.
File Validation, currently only available in Office 2010, scans older versions of Office documents and loads any files it finds suspicious into a Protected View. Users are alerted that the file appears to be suspicious and can still read the content of a document in a secure view. Microsoft’s File Validation for Office will provide the following to Office 2003 and 2007 users:
- The File Validation functionality will now be available. This feature will verifies the contents of .doc, .xls, .ppt and .pub files as they are being read, and if it detects an issue, display a warning informing the user that there is a potential issue with the file.
- At some point in the future, Microsoft anticipates issuing “signature files” that provide new information for use by the File Validation functionality. These signature files will typically include information that File Validation can use to detect previously unknown vulnerabilities in files, and warn the user appropriately. It is anticipated that installing a signature update will be less disruptive than deploying a Security Bulletin, especially for large Office deployments.
Microsoft is promising to release Office File Validation for Office 2003 and 2007 in the first quarter of next year. “We have found a way to bring some of these protections to older versions of Office and today we are glad to report Microsoft has ported the File Validation functionality to Office 2007 and Office 2003,” said Bob Furth, a Security Program Manager at Microsoft.
Microsoft says it’s announcing the product early so customers can begin creating deployment plans. “In the coming weeks, we will be providing more information on deployment and configuration as well as giving a more definitive release date,” said Carlene Chmaj, Senior Response Communications Manager at Microsoft.