How to open Protected View files in MS Word

ms-word-protected-view-files
Vikas on the Microsoft Office Trustworthy Computing security team explains how a new feature in Microsoft Word 2010 called Protected View.

In his article he discusses how hackers have discovered ways to manipulate Office binary files so that when they are opened and parsed, they cause their own code embedded within the file to run. To address these binary file parsing attacks in Office 2007, several new XML based file formats were introduced.

Word 2010 Open in Protected ViewOne of the new features in Microsoft Word 2010 is the Protected View, which lets you open a Word/Excel file over the web — via Microsoft’s intermediate sandbox — and then display it for you if it’s deemed to be safe to open.

What is Protected View?

Protected View is a new security defense-in-depth features added in Office 2010.

  • In Office 2010 when a file appears to be from a potentially risky location, such as the Internet, it is opened in Protected View.
  • Protected View appears like any other read-only view.
  • When the file is opened in Protected View, it is being opened in the new Office 2010 sandbox.
  • Office 2010 sandbox is the “next version” of the MOICE sandbox, thought no file conversation takes place.
  • What happens is that the file is opend within a sandboxed instance of the application (e.g. Word, Excel, PowerPoint) and if there was malicious code present in the file, the code will not be able to tamper with your documents; change your profile or other user settings.

Word 2010 Open in Protected View 2

When is Protected View used?

Microsoft’s goal when designing this feature was to only use it in high risk scenarios:

1. Files opened from the Internet.

When a file is downloaded from the web, the Windows Attachment Execution Service places a marker in the file’s alternate data stream to indicate it came from the Internet zone.

When a Word, Excel or PowerPoint file is opened — and has this marker — it opens in Protected View until the user decides to trust and edit it. To do this, press Enable Editing.

Attachments opened from Outlook 2010

When an attachment is opened from Outlook 2010 it opens in Protected View. Administrators can configure if they want all attachments to open in Protected View or just those sent from senders outside their Exchange environment.

Files opened from unsafe locations

For example, files opened from your Temporary Internet Files folder. You can extend this list to include directories you feel are also unsafe.

Files blocked by File Block Policy.

Microsoft introduced File Block in Office 2007 which lets administrators define file types that should not be opened.

In Office 2010 these blocked files can now be opened in Protected View and you can set policy to indicate if the user should be allowed to leave Protected View (by editing the file) or force them to stay in it.

Office File Validation failures

This scans an Office file when it is being opened and validates it against a well-known schema. When there are inconsistencies between the file and the schema, the file will fail validation and opens in Protected View.

File Open Dialog

You can open files in Protected View explicitly by using the Open button.

Word 2010 Open in Protected View 3

As Vikas discussed, Protected View is one of the new security defenses in Office 2010.

For a malware to be able to run in Protected View, it will need to find a way around DEP, ASLR, GS and the 2010 Office File validation checks. And after all that, the malware would need to find a way to break out of the sandbox.

For sure, this is a step in the right direction from Microsoft. The next time you received a ‘scary’ Word file, you can open it in Protected View and read it without having to worry that something bad could happen to your computer.

Read more:

Microsoft Office 2010 Engineering: http://blogs.technet.com/office2010/archive/2009/08/13/protected-view-in-office-2010.aspx

Reblog this post [with Zemanta]

Thousands of templates to jump start your project

Acceptance Test Plan

Contingency Plan

Software Development Templates

Acquisition Plan

Conversion Plan

Software Requirements Specification

Action Plan

Cost Benefit Analysis

Software Testing

API Documentation

Database Design

Standard Operating Procedures (SOP)

Audience Analysis

Datasheet

Statement of Work

Availability Plan

Deployment Plan

System Administration Guide

Bill of Materials

Design Document

System Boundary

Business Case

Disaster Recovery Plan

System Design Document

Business Continuity

Disposition Plan

System Specifications

Business Plan

Documentation Plan

Technical Writing Templates

Business Process

Employee Handbook

Test Plan

Business Requirements

Error Message Guide

Training Plan

Business Rules

Expression of Interest

Transition Plan

Capacity Plan

Fact Sheet

Troubleshooting Guide

Case Study

Feasibility Study

Use Case

Change Management Plan

Functional Requirements

User Guide

Communication Plan

Grant Proposal

Verification and Validation Plan

Concept of Operations

Implementation Plan

White Papers

Concept Proposal

Installation Plan

Work Instructions

Configuration Management Plan

Interface Control Document

Software Development Templates

Acceptance Test Plan

Maintenance Plan

Software Requirements Specification

Acquisition Plan

Market Research

Software Testing

Action Plan

Marketing Plan

Standard Operating Procedures (SOP)

API Documentation

Needs Statement

Statement of Work

Audience Analysis

Operations Guide

System Administration Guide

Availability Plan

Policy Manual

System Boundary

Bill of Materials

Project Plan

System Design Document

Business Case

Proposal Manager Templates

System Specifications

Business Continuity

Proposal Template

Technical Writing Templates

Business Plan

Quality Assurance Plan

Test Plan

Business Process

Release Notes

Training Plan

Business Requirements

Request for Proposal

Transition Plan

Business Rules

Risk Management Plan

Troubleshooting Guide

Capacity Plan

Scope of Work

Use Case

Case Study

Security Plan

User Guide

Change Management Plan

Service Level Agreement (SLA)

Verification and Validation Plan

Communication Plan

Setup Guide

White Papers

Concept of Operations

Social Media Policy

Work Instructions

Concept Proposal

Contingency Plan

 

Configuration Management Plan

Conversion Plan