Educause Security Discussion mailing list archives
Re: Anyone running Office 2007 DEP or MOICE?
From: Bob Doyle <bobdoyle () KELLOGG NORTHWESTERN EDU>
Date: Mon, 5 Apr 2010 10:34:02 -0500
I talked with a co-worker today who's had global DEP enabled for awhile and he's notice that it applies to everything but Excel. If you apply the fixit to enable DEP excel is now covered. Weird.... Bob -----Original Message----- From: Flynn, Gary [mailto:flynngn () JMU EDU] Sent: Friday, April 02, 2010 11:40 AM Subject: Re: Anyone running Office 2007 DEP or MOICE? We've only briefly talked about enabling these in our desktop management meetings. I've been running software DEP configured from the System control panel for years and have had MOICE installed almost since it was introduced. When I open an Office document from the web, MOICE is the default open option. I have not had any problems with either feature though I had to exempt a few programs from DEP. They weren't Office programs though. I wonder if the global System Control Panel DEP settings applies to Office to. Gary Flynn Security Engineer James Madison University
-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bob Doyle Sent: Friday, April 02, 2010 12:01 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Anyone running Office 2007 DEP or MOICE? I'm investigating anti-exploit technologies for Office 2007 and have identified two that seem useful: 1. Enabling Data Execution Prevention for Office 2007 by default http://support.microsoft.com/kb/971766 Description: DEP isn't enabled by default for Office 2007, this turns it on 2. The Microsoft Isolated Converter Environment (MOICE) http://support.microsoft.com/kb/935865 Description: MOICE is an isolated environment that converts any document from binary office format (.doc,.ppt,.xls) to the XML based Office 2007 format (docx, pptx, xlsx). The conversion will pretty much strip out any malicious binary code that could be hiding in the file. Is anyone out there supporting or encouraging users to use either of these? Has anyone run into use cases where these don't work? And btw, what are people's policies toward Office 2007 format these days? Cheers, Bob ----------------------------- Bob Doyle Northwestern University Kellogg School of Management
Current thread:
- Anyone running Office 2007 DEP or MOICE? Bob Doyle (Apr 02)
- <Possible follow-ups>
- Re: Anyone running Office 2007 DEP or MOICE? Flynn, Gary (Apr 02)
- Re: Anyone running Office 2007 DEP or MOICE? Bob Doyle (Apr 05)