For everyone who is an avid user of the Microsoft Office family, get ready for MOICE. It sounds pretty simple to operate, and best of all, it is free. Also, it seems to be primarily set for Office 2003, but there appears to be tools that will allow other versions of Office to become more compatible with MOICE. The process MOICE goes through is pretty simple, you load your Office 2003 file into it. Once MOICE finishes converting the file to an Office 2007 Open format to strip out all of the exploit code, it then reconfigures it so you can open it on Office 2003. It sounds pretty good, and so far it has been yielding positive results from Microsoft. The question is, will this be enough?

MOICE (Microsoft Office Isolated Conversion Environment) has gone live and is available for download. The free tool converts files from Office 2003 to the new Office 2007 Open XML format in a bid to strip out the exploit from the file. Once the file has been cleansed of exploits, it can be opened as normal in Office 2003.

The conversions take place in an isolated sandbox environment so they can be done securely, Microsoft officials have said.

“One of the things we noticed is that when we converted an exploit document to the new Office 2007 ‘Metro’ format, it would either fail the conversion, emit a non-exploitable file or the converter itself would crash,” Microsoft Senior Software Development Engineer David LeBlanc wrote in a blog post earlier this month. “Thus,” he continued later, “if we could pre-process documents coming from untrusted sources from the older format to the new format, and then get an older version of Office to use its converter to read in the new file format, the customer is going to end up safer.”[more]

Tags: Computer Protection