Exterminator

Super Moderator
MalwareTips Team
Verified
Joined
Oct 23, 2012
Messages
12,279
Operating System
Windows 10
Antivirus
Kaspersky
#1
Microsoft is implementing a new security feature in its Office productivity suite to block malicious links that are included in Word, Excel, and PowerPoint documents.

Documents hiding links leading to dangerous websites or malware-infected pages have been around for a while, and this is why Microsoft is introducing the Advanced Threat Protection Safe Links feature with support for the Office suite, trying to provide users with an additional protection layer when working on the desktop.

Specifically aimed at Office 365 ProPlus subscribers, the new security feature will provide users with a warning whenever they click a link that’s flagged as dangerous, with two options to be displayed, so they’ll be allowed to either close the page or continue to the site despite the risk of getting infected with malware.

Users can ignore security warnings
Outlook will also support this feature and Microsoft says that IT administrators will be even allowed to completely block access to flagged pages, which means that users would no longer be able to skip the warning and continue to those dangerous websites.

Of course, this makes the new security feature useless if the warning is ignored and the website is indeed compromised, and Microsoft promises to try keeping these alerts as accurate as possible.

“This new capability will further integrate and expand security across Office 365. Our intent has always been to provide our customers with an end-to-end, unified and secure experience across all of Office 365, and this extended capability of Safe Links is an example of our continued step toward this goal,” Microsoft says.

“As cyber criminals broaden the scope of attacks beyond email workloads, it’s necessary to extend security capabilities beyond email. The Safe Links feature in ATP protects customers from malicious links in email.”

The feature will become available later this month and there’s still no work on whether Microsoft plans to expand it to other Office 365 subscribers as well.
 

jamescv7

Level 61
Verified
Joined
Mar 15, 2011
Messages
12,637
Operating System
Windows 10
Antivirus
Windows Defender
#2
It's also a great thing if Microsoft would implement security detection mechanism from not only through malicious links but possible suspected macros.

In that case, the user will not enable the content immediately once a clear description mentioned.
 
Joined
May 22, 2014
Messages
510
Operating System
Windows 10
Antivirus
Windows Defender
#3
I am glad they are doing this. It will reduce the amount of times that an end user clicks a malicious link that may compromise the PC and/or the network.

Hopefully they keep it up with the education integrated within the mechanism (Similar to Data Loss Prevention in Outlook)
 

SHvFl

Level 35
Content Creator
Verified
Joined
Nov 19, 2014
Messages
2,403
Operating System
Windows 10
#4
Specifically aimed at Office 365 ProPlus subscribers....

Everyone with anything else can drop dead and get infected. MS really makes 0 sense.
 

shmu26

Level 71
Content Creator
Verified
Joined
Jul 3, 2015
Messages
6,025
Operating System
Windows 10
#5
Specifically aimed at Office 365 ProPlus subscribers....

Everyone with anything else can drop dead and get infected. MS really makes 0 sense.
Ordinary home users usually leave their Office apps at the default settings, which disable scripts. It's the business users who are likely to enable scripts, so they need the extra protection. I think that's the logic.
 

SHvFl

Level 35
Content Creator
Verified
Joined
Nov 19, 2014
Messages
2,403
Operating System
Windows 10
#6
Ordinary home users usually leave their Office apps at the default settings, which disable scripts. It's the business users who are likely to enable scripts, so they need the extra protection. I think that's the logic.
Office 365 is the subscription model of each version. So for example i can buy Office 2016 or Office 365 as a home user. It will be exactly the same thing. They just added it only to the subscription model because they want to push everyone into that.
 
Joined
May 22, 2014
Messages
510
Operating System
Windows 10
Antivirus
Windows Defender
#7
Specifically aimed at Office 365 ProPlus subscribers....

Everyone with anything else can drop dead and get infected. MS really makes 0 sense.
@SHvFl
I hear you - I have used both versions of Office 365.

ProPlus is used in edu, healthcare, and "relatively critical" environments. The costs can be $20-$35 plus per user per month, usually more. They are doing their best with DLP, Significantly improved protection with the latest release of Exchange Server, Auto-disabling Macros and trying to get some user Education in there. I think it may likely have a trickle down effect. Start with ProPlus and Enterprise, and then down to Business customers, then home.

That's just an assumption. Maybe it is a balance between protection and "perceived" barriers/inconveniences by end-users at the individual level. You can always give feedback (which I believe is warranted).

I have no affiliation with any company. Just a person that values security like all of you guys :).