Security threats abound in our connected world and those intrusions can lead to loss of critical business data, user and customer information plus serious loss of productivity while recovering from the malicious attacks. One security area that does not get as much coverage as compared to ransomware/malware related attacks: those that occur due to the macro and scripting capabilities of apps in the Office suite of software. This week Microsoft is reporting a resurgence of these types of attacks and will make changes to help combat the threat. Recent Office 365 updates are adding a new layer of security within Office to catch these malicious macros and scripts before they threaten your network.
Microsoft has been working to minimize these threats through better detection of malicious macro/script executions via cloud security solutions such as Windows Defender Advance Threat Protection (ATP). They are using the open Antimalware Scan Interface (AMSI) to implement this new protection. By using the AMSI for this service, other antivirus services can use the same open interface and benefit from the increased detection and security.
With the implementation of AMSI in these Office 365 updates, malware authors will now see their most popular method of concealing threat code, obfuscation, no longer nearly as effective. AMSI’s availability on Windows 10 with an open interface means any security software can request a scan of questionable code before it is executed. AMSI works with JavaScript, VBScript and PowerShell scripting engines.
Microsoft has been using AMSI in its security products for quite some time and this latest addition via these Office 365 updates adds yet another level of protection for your end users.
There are several examples in Microsoft’s blog post about these updates for further clarity plus implementation and group policies for configuring this in your organization.
ALSO:
End of support for Windows 7 is just 15 months away in January 2020. Microsoft has extended the Windows 10 support cycle to 30 months in order to help organizations with their migrations. That also means customers using Intune to support Windows 7 based devices need to be aware of the timeline for that support to close out and come to an end.
Google’s Chrome Browser marked its 10th anniversary this past week with the company sharing about how the browser has grown since enterprise customers began deploying it. According to Google, the early focus was just general web browsing but now the browser is a portal into the world of connected business apps and services. Meanwhile, the browsers wars continue after events of this past week.
Microsoft Ignite begins in Orlando, Florida on September 24, 2018 and begins with the big Vision Keynote from company CEO Satya Nadella that morning. ITPro Today will be on site covering the event but you can also tune into the weeks’ worth of activities using the recently released MSFT Events app which just added Microsoft Ignite 2018. For some reason, the app is only available for iOS and Android devices – no Windows 10 version as of today.
A new whitepaper from Google explains the process of removing data from the Google Cloud Platform (GCP) when requested by one of their customers. It covers details about how the data is normally stored plus information about how long it takes GCP to comply with a request for data removal. In this era of the General Data Protection Regulations (GDPR) this type of information is critical for any of you on the GCP.
