Office 2010 Protected View Feature

“Protected View” is one of the new security defense-in-depth features added in Office 2010. The older Office binary file formats had been susceptible to these types of attacks. “Over the past years hackers have discovered ways to manipulate Office binary files so that when they are opened and parsed, they cause their own code embedded […]

“Protected View” is one of the new security defense-in-depth features added in Office 2010. The older Office binary file formats had been susceptible to these types of attacks. “Over the past years hackers have discovered ways to manipulate Office binary files so that when they are opened and parsed, they cause their own code embedded within the file to run. To address these attacks in the past, the Office team had released the MOICE (Microsoft Office Isolated Converter Environment).” In Office 2010 when a file appears to be from a potentially risky location, such as the Internet, it’s now opened in Protected View. Under the covers however, it’s being opened in the new Office 2010 sandbox the “next version” of the MOICE.  Unlike with MOICE, no file conversation’s happening. In fact what’s occurring is the file is being opened within a sandboxed instance of the application (Word, Excel, PowerPoint) and if there was malicious code present in the file the goal is that code would not be able to find a way to tamper with your documents; change your profile or other user settings.

Full ArticleOffice 2010 blog