Microsoft has made available for download a whitepaper "Keeping Enterprise Data Safe with Office 2010 - Office 2010 Security" designed to detail the security features and enhancements packed into Office 2010.
This whitepaper highlights the new security features and enhancements introduced in Office 2010 that help protect organizations from exploits targeting users who use Office apps in their daily work. The paper begins by describing the evolving threat landscape that drove the Office engineering team to make these improvements and how Office security has evolved through different versions.
The paper then goes on to describe the three security goals that guided the Office development process, namely improving the Office security engineering processes, providing effective and easy-to-use protection technologies for Office users, and strengthening Office core security features and technologies. The Office defense-in-depth protection model is described next, after which key security technologies such as Office File Validation, Protected View and Trusted Documents are demonstrated in detail.
The paper concludes by briefly examining other Office 2010 security improvements including Data Execution Prevention, ActiveX kill bit, password complexity requirements, and encryption and digital signature improvements.
More Info: Download