Hi and welcome to this post. It´s been a while, I know.
In the last days I had a thought over and over again. We are learning things every day. But how should I keep track of all those learned things? You know, besides the typical “I´ll not forget that”, which typically does not work very long for me.
So I thought, why not use the old blog for exactly this? And this is what I´ll do. A blog post for each day with at least one thing I learned during that day. Not super detailed or in HowTo-Style, but sometimes with interesting links for your further research. This will not be limited to technical stuff (I hope) but also to things from around the house, the garden or personal things. The category for the posts will be #WhatILearnedToday.
So, what did I learn today?
Today I learned a little bit about a very interesting new security feature in the Microsoft Universe: Application Guard for Office which is currently in public preview.
Application Guard for Office is yet another security feature that is based on the virtualization technologies included in Windows 10. Basically, Office applications which are Application Guard enabled (currently Word, Excel, PowerPoint) will open in a secure container when the document the user opens is not trusted.
This means, that malicious content will not be able to destroy the computer, because it is completely run in a separated secure environment. The best: it´s transparent to the user. No different windows or an extra app for unsecure content that the user would have to start. Instead, only a small hint is shown:
In my opinion this is a great addition to the other virtualization based security features like Application Guard for Edge and Credential Guard.
If you want to know more, you can find a lot of detailed information about managing the feature, it´s current limitations etc. at the official documentation.
Have a great day!
So this will prevent malicious macros / code (Emoted, etc.) in received E-Mails from infecting your system?
Sounds like an interesting solution…
However, who decides if a document is not trusted and needs to be opened in the container?
jep, that is the goal. I did not find detailed information on what is trustworthy and what not. I assume they will use the similar mechanisms like smartscreen etc.