Office applications such as Word, PowerPoint and Excel are among some of the most widely used applications in the world – which also means that they can be targets for attackers trying to infiltrate systems.
Malicious macros are an older style of attack that is, unfortunately, making a comeback. In 2015, office macro exploits are on the rise.
And office applications can be vulnerable in other ways as well. For example, in late 2014 cyber criminals exploited a zero day vulnerability within Windows that handles OLE (object linking and embedding) objects by using malicious PowerPoint documents sent as email attachments. While this vulnerability has since been patched, it still illustrates that a seemingly benign PowerPoint document can be used as a method of attack.
However, users with Invincea Advanced Endpoint Protection installed are protected from exploits delivered via office applications.
With Invincea, office applications run within a secure container. When a file is opened with malicious code within the container and attempts to write to the computer’s file system, it actually writes to the virtual file system, which is wiped away when the container closes.
This means that even in spite of recent indicators that attacks delivered via office files are on the rise, Invincea allows your users to continue to create and share Word, Excel and Powerpoint documents. And since office applications remain within a secure container, your users’ systems are even protected from zero day vulnerabilities.
Updates to office applications are conducted in the normal way, and Invincea Endpoint simply uses whatever version of the supported application is installed. No additional or unusual licensing is required for any of your applications.